CVE-2024-44807 Information

Description

A directory listing issue in the baserCMS plugin in D-ZERO CO. LTD. BurgerEditor and BurgerEditor Limited Edition before 2.25.1 allows remote attackers to obtain sensitive information by exposing a list of the uploaded files.

Reference

http://basercms.com http://burgereditor.com https://burger.d-zero.co.jp/blogs/archives/2 https://jvn.jp/en/jp/JVN54676967/ https://jvn.jp/jp/JVN54676967/ https://jvndb.jvn.jp/en/contents/2024/JVNDB-2024-000109.html