2 matches found
CVE-2024-9981
The CVE-2024-9981 entry concerns FormosaSoft ee-class where a failure to properly validate a specific page parameter enables an attacker with regular privileges to upload a malicious PHP file and then trigger inclusion of that file, leading to arbitrary code execution on the server. Multiple sour...
CVE-2024-9980
CVE-2024-9980 affects FormosaSoft ee-class. The vulnerability is an SQL injection caused by insufficient validation of a specific page parameter, enabling remote attackers with regular privileges to read, modify, and delete database contents. Documents consistently identify the affected software ...