PT-2024-31258 · D Zero Co. · Burgereditor Limited Edition

Koh You Liang · Published 2024-10-11 · Updated 2024-10-15 · CVE-2024-44807

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor Limited Edition versions prior to 2.25.1

Description

A directory listing issue allows remote attackers to obtain sensitive information by exposing a list of the uploaded files. This issue affects the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and BurgerEditor Limited Edition, allowing attackers to access sensitive data.

Recommendations

For versions prior to 2.25.1, update to version 2.25.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the uploaded files directory to minimize the risk of exploitation.

Fix

Files Accessible to External Parties

Weakness Enumeration

Related Identifiers

CVE-2024-44807

Affected Products

Burgereditor
Burgereditor Limited Edition
Basercms