CVE-2024-11145

CVSS V2 None CVSS V3 None

Description

Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Joomla! application. Fixed in versions 3.8 and 4.5.

Overview

CVE ID
CVE-2024-11145

Assigner
cisa-cg

Vulnerability Status
PUBLISHED

Published Version
2024-11-26T19:17:44.520Z

Last Modified Date
2024-11-26T19:39:10.277Z

Weakness Enumerations

CWE	URL
CWE-502	http://cwe.mitre.org/data/definitions/502.html

References

Reference URL	Reference Tags
https://www.valorapps.com/web-products/easy-folder-listing-pro.html
https://github.com/cisagov/CSAF/blob/develop/csaf_files/IT/white/2024/va-24-331-01.json

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2024-11145
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-11145

History

Created	Old Value	New Value	Data Type	Notes
2024-11-27 13:24:25				Added to TrackCVE