CVE-2024-11145

Summary

Valor Apps Easy Folder Listing Pro has a deserialization vulnerability that allows an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Joomla! application. Fixed in versions 3.8 and 4.5.

Affected Software

VendorProductVersion RangeStatus
Valor AppsEasy Folder Listing Pro3.7 < 3.8affected
Valor AppsEasy Folder Listing Pro3.8unaffected
Valor AppsEasy Folder Listing Pro4.4 < 4.5affected
Valor AppsEasy Folder Listing Pro4.5unaffected

Weaknesses

  • CWE-502: CWE-502 Deserialization of Untrusted Data

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: total

References