ГлавнаяУязвимости → CVE-2024-11145
9.8критическая

CVE-2024-11145

Описание

Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Joomla! application. Fixed in versions 3.8 and 4.5.

Затрагиваемое ПО
Valorapps Easy folder listing pro
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/cisagov/CSAF/blob/develop/csaf_files/IT/white/2024/va-24-331-01.jsonhttps://www.valorapps.com/web-products/easy-folder-listing-pro.html