14 matches found
EUVD-2024-50259
Malicious code in bioql PyPI...
EUVD-2024-50260
Malicious code in bioql PyPI...
CVE-2024-9981
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to upload a malicious PHP file first and then exploit this vulnerability to include the file, resulting in arbitrary code execution on the server...
CVE-2024-9980
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents...
CVE-2024-9980
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents...
CVE-2024-9981
The CVE-2024-9981 entry concerns FormosaSoft ee-class where a failure to properly validate a specific page parameter enables an attacker with regular privileges to upload a malicious PHP file and then trigger inclusion of that file, leading to arbitrary code execution on the server. Multiple sour...
CVE-2024-9981 FormosaSoft ee-class - Local File Inclusion
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to upload a malicious PHP file first and then exploit this vulnerability to include the file, resulting in arbitrary code execution on the server...
CVE-2024-9981 FormosaSoft ee-class - Local File Inclusion
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to upload a malicious PHP file first and then exploit this vulnerability to include the file, resulting in arbitrary code execution on the server...
CVE-2024-9980 FormosaSoft ee-class - SQL Injection
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents...
CVE-2024-9980 FormosaSoft ee-class - SQL Injection
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents...
CVE-2024-9980
CVE-2024-9980 affects FormosaSoft ee-class. The vulnerability is an SQL injection caused by insufficient validation of a specific page parameter, enabling remote attackers with regular privileges to read, modify, and delete database contents. Documents consistently identify the affected software ...
FormosaSoft ee-class SQL注入漏洞
FormosaSoft ee-class is a recording software from the Chinese company FormosaSoft. A SQL injection vulnerability exists in versions prior to FormosaSoft ee-class 20240326.13r14494, which stems from failure to properly validate specific page parameters, allowing a remote attacker with regular...
PT-2024-39978 · Formosasoft · Ee-Class
Name of the Vulnerable Software and Affected Versions: FormosaSoft ee-class affected versions not specified Description: The issue concerns a failure to properly validate a specific page parameter in the ee-class from FormosaSoft, allowing remote attackers with regular privileges to inject...
FormosaSoft ee-class 安全漏洞
FormosaSoft ee-class is a recording software from China-based FormosaSoft. A security vulnerability exists in versions prior to FormosaSoft ee-class 20240326.13r14494, which stems from failure to properly validate certain page parameters, which could allow a remote attacker with regular privilege...