CVE-2024-33881 | VirtoSoftware Virto Bulk File Download for SharePoint 2019 5.5.44 UNC Share Pathname Download.ashx path information disclosure

Inserito da Angelo Barbosa | Giu 24, 2024 | CVE

A vulnerability classified as problematic has been found in VirtoSoftware Virto Bulk File Download for SharePoint 2019 5.5.44. Affected is an unknown function of the file Virto.SharePoint.FileDownloader/Api/Download.ashx of the component UNC Share Pathname Handler. The manipulation of the argument path leads to information disclosure.

This vulnerability is traded as CVE-2024-33881. The attack can only be done within the local network. There is no exploit available.

CVE-2024-33881 | VirtoSoftware Virto Bulk File Download for SharePoint 2019 5.5.44 UNC Share Pathname Download.ashx path information disclosure

Post correlati

CVE-2024-31205 | Saleor up to 3.19.18 cross-site request forgery

CVE-2023-6424 | BigProf Online Clinic Management System 2.2 disease_symptoms_view.php FirstRecord cross site scripting

CVE-2024-4157 | techjewel Contact Form Plugin Plugin up to 5.1.15 on WordPress deserialization (ID 3081740)

CVE-2024-24980 | Intel Xeon protection mechanism (intel-sa-01100)