Sharepoint Bulk File Download Security Vulnerabilities and Issues — Sharepoint Bulk File Download CVE List

Lucene search

VirtosoftwareSharepoint Bulk File Download

3 matches found

CVE•added 2024/06/24 5:15 p.m.•74 views

CVE-2024-33880

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. It discloses full pathnames via Virto.SharePoint.FileDownloader/Api/Download.ashx?action=archive.

5.3CVSS7.2AI score0.00131EPSS

CVE•added 2024/06/24 5:15 p.m.•70 views

CVE-2024-33881

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter.

7.5CVSS7.1AI score0.0024EPSS

CVE•added 2024/06/24 5:15 p.m.•69 views

CVE-2024-33879

An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows arbitrary file download and deletion via absolute path traversal in the path parameter.

9.8CVSS7.3AI score0.0038EPSS