← Volver a CVEs
CVE-2024-11145
CRITICAL9.8
Descripcion
Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Joomla! application. Fixed in versions 3.8 and 4.5.
Detalles CVE
Puntuacion CVSS v3.19.8
SeveridadCRITICAL
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado11/26/2024
Ultima modificacion9/23/2025
Fuentenvd
Avistamientos honeypot0
Productos afectados
valorapps:easy_folder_listing_pro
Debilidades (CWE)
CWE-502
Referencias
https://github.com/cisagov/CSAF/blob/develop/csaf_files/IT/white/2024/va-24-331-01.json(9119a7d8-5eab-497f-8521-727c672e3725)
https://www.valorapps.com/web-products/easy-folder-listing-pro.html(9119a7d8-5eab-497f-8521-727c672e3725)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.