CVE-2024-9980

The ee-class from FormosaSoft does not properly validate a specific page parameter, allowing remote attackers with regular privileges to inject arbitrary SQL commands to read, modify and delete database contents. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt