9 matches found

RedhatCVE
added 2026/04/07 11:01 p.m., 0 views

CVE-2026-35412

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

CVSS 8.1, AI score 6.1, EPSS 0.00013
Exploits 0, References 1

Vulnrichment
added 2026/04/06 9:33 p.m., 2 views

CVE-2026-35412 Directus has a TUS Upload Authorization Bypass Allows Arbitrary File Overwrite

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

CVSS 7.1, AI score 6.1, EPSS 0.00013
Exploits 0, References 1

ATTACKERKB
added 2026/04/06 9:33 p.m., 3 views

CVE-2026-35412

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

CVSS 7.1, AI score 6.1, EPSS 0.00013
Exploits 0, References 2, Affected Software 1

NVD
added 2026/03/20 12:16 a.m., 1 view

CVE-2026-32759

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating that the value is...

CVSS 8.1, EPSS 0.00148
Exploits 1, References 2

CVE
added 2026/03/19 11:31 p.m., 9 views

CVE-2026-32759

File Browser CVE-2026-32759 affects versions 2.61.2 and earlier with a faulty TUS upload handler: Upload-Length is parsed as signed 64-bit without non-negative validation, allowing an authenticated user to supply a negative value that completes uploads on the first PATCH. This can trigger after_u...

CVSS 8.1, AI score 5.9, EPSS 0.00148
Exploits 1, References 2, Affected Software 1

Metasploit
added 2023/06/22 7:50 p.m., 516 views

MOVEit SQL Injection vulnerability

This module exploits an SQL injection vulnerability in the MOVEit Transfer web application that allows an unauthenticated attacker to gain access to MOVEit Transfer's database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker can leverage an...

CVSS 9.8, AI score 9.2, EPSS 0.94254
Exploits 14

OSV
added 2022/08/06 5:47 a.m., 0 views

GHSA-QP5M-C3M9-8Q2P JSPUI vulnerable to path traversal in submission (resumable) upload

Impact: The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path traversal attacks, allowing an attacker to create files/directories anywhere on the server writable by the Tomcat/DSpace user, by modifying some request parameters durin...

CVSS 8.2, AI score 5.8, EPSS 0.0083
Exploits 0, References 5

Veracode
added 2022/08/02 6:08 a.m., 16 views

Path Traversal

org.dspace:dspace-jspui is vulnerable to path traversal. The vulnerability exists due to the resumable upload implementations in SubmissionController and FileUploadRequest components, which allows an attacker to modify request parameters during submission and create files or directories anywhere ...

CVSS 8.2, AI score 6.8, EPSS 0.0083
Exploits 0, References 3, Affected Software 1

NVD
added 2022/08/01 9:15 p.m., 9 views

CVE-2022-31194

DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI resumable upload implementations in SubmissionController and FileUploadRequest are vulnerable to multiple path traversal attacks, allowi...

CVSS 8.2, EPSS 0.0083
Exploits 0, References 3