{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-11T08:11:48.831","vulnerabilities":[{"cve":{"id":"CVE-2024-11215","sourceIdentifier":"cve-coordination@incibe.es","published":"2024-11-14T14:15:18.367","lastModified":"2026-01-07T21:08:31.453","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Absolute path traversal (incorrect restriction of a path to a restricted directory) vulnerability in the EasyPHP web server, affecting version 14.1. This vulnerability could allow remote users to bypass SecurityManager restrictions and retrieve any file stored on the server by setting only consecutive strings ‘/...%5c’."},{"lang":"es","value":"Vulnerabilidad de path traversal absoluto (restricción incorrecta de una ruta a un directorio restringido) en el servidor web EasyPHP, que afecta a la versión 14.1. Esta vulnerabilidad podría permitir a usuarios remotos eludir las restricciones de SecurityManager y recuperar cualquier archivo almacenado en el servidor estableciendo únicamente cadenas consecutivas '/...%5c'."}],"metrics":{"cvssMetricV31":[{"source":"cve-coordination@incibe.es","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":6.5,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":2.8,"impactScore":3.6}]},"weaknesses":[{"source":"cve-coordination@incibe.es","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:easyphp:webserver:14.1:*:*:*:*:*:*:*","matchCriteriaId":"25E85EE7-0612-4478-A212-5E5F90944A3D"}]}]}],"references":[{"url":"https://www.incibe.es/en/incibe-cert/notices/aviso/path-traversal-vulnerability-easyphp","source":"cve-coordination@incibe.es","tags":["Third Party Advisory"]}]}}]}