CVE-2024-9981 - FormosaSoft ee-class Remote Code Execution (RCE)

1 month ago 14
ARTICLE AD BOX
CVE ID : CVE-2024-9981
Published : Oct. 15, 2024, 8:15 a.m. | 24 minutes ago
Description : The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to upload a malicious PHP file first and then exploit this vulnerability to include the file, resulting in arbitrary code execution on the server.
Severity: 8.8 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Read Entire Article