Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Sharepoint_bulk_file_download
(Virtosoftware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 3 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-06-24 | CVE-2024-33880 | An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. It discloses full pathnames via Virto.SharePoint.FileDownloader/Api/Download.ashx?action=archive. | Sharepoint_bulk_file_download | 5.3 | ||
| 2024-06-24 | CVE-2024-33879 | An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows arbitrary file download and deletion via absolute path traversal in the path parameter. | Sharepoint_bulk_file_download | 9.8 | ||
| 2024-06-24 | CVE-2024-33881 | An issue was discovered in VirtoSoftware Virto Bulk File Download 5.5.44 for SharePoint 2019. The Virto.SharePoint.FileDownloader/Api/Download.ashx isCompleted method allows an NTLMv2 hash leak via a UNC share pathname in the path parameter. | Sharepoint_bulk_file_download | 5.3 |