Formosasoft

formosasoft

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Ee Class

ee-class

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-9981 1Formosasoft 1Ee Class Oct 17, 2024 Oct 15, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to upload a malicious PHP file first and then exploit this vulnerability to include th...Show more The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to upload a malicious PHP file first and then exploit this vulnerability to include the file, resulting in arbitrary code execution on the server.Show less
CVE-2024-9980 1Formosasoft 1Ee Class Oct 17, 2024 Oct 15, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-9981

1Formosasoft

1Ee Class

Oct 17, 2024

Oct 15, 2024

N/A· v4

8.8 HIGH· v3

N/A· v2

The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to upload a malicious PHP file first and then exploit this vulnerability to include th...Show more

CVE-2024-9980