11 matches found
EUVD-2024-31585
Malicious code in bioql PyPI...
CVE-2024-33879
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows arbitrary file download and deletion via absolute path traversal in the path parameter...
CVE-2024-33879
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows arbitrary file download and deletion via absolute path traversal in the path parameter...
VirtoSoftware Virto Bulk File Download Security Vulnerability
VirtoSoftware Virto Bulk File Download is a batch file download application from VirtoSoftware USA. A security vulnerability exists in VirtoSoftware SharePoint Bulk File Download version 5.5.44, which originates from allowing arbitrary files to be downloaded and deleted by traversing absolute pat...
CVE-2024-33881
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter...
PT-2024-25528 · Virtosoftware · Virto Bulk File Download
Name of the Vulnerable Software and Affected Versions: VirtoSoftware Virto Bulk File Download version 5.5.44 for SharePoint 2019 Description: An issue was discovered that allows an NTLMv2 hash leak via a UNC share pathname in the path parameter of the isCompleted method in the...
CVE-2024-33880
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. It discloses full pathnames via Virto.SharePoint.FileDownloader/Api/Download.ashx?action=archive...
CVE-2024-33881
An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter...
CVE-2024-33881
The CVE-2024-33881 affects VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The issue lies in the Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method, which allows an NTLMv2 hash leak via a UNC share pathname in the path parameter. Documents consistently describ...
CVE-2024-33879
VirtoSoftware Virto Bulk File Download for SharePoint 2019 (version 5.5.44) is affected. The vulnerability is in Virto.SharePoint.FileDownloader/Api/Download.ashx -> isCompleted method, which allows arbitrary file download and deletion via absolute path traversal in the path parameter. Public ...
VirtoSoftware Virto Bulk File Download Security Vulnerability
VirtoSoftware Virto Bulk File Download is a batch file download application from VirtoSoftware USA. A security vulnerability exists in VirtoSoftware Virto Bulk File Download version 5.5.44, which originates from disclosing full pathnames...