Vulnerability Details CVE-2024-9980
The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 61.4%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2024-9980
-
cpe:2.3:a:formosasoft:ee-class:*