Lucene search
+L

47 matches found

NVD
NVD
added 2026/06/29 6:16 p.m.13 views

CVE-2026-57957

Papermark through 0.22.0 contains a cross-origin resource sharing CORS misconfiguration vulnerability that allows unauthenticated remote attackers to perform credentialed cross-origin requests by exploiting the TUS-based viewer upload endpoint reflecting arbitrary request Origins with...

4.7CVSS0.0025EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/29 5:23 p.m.8 views

EUVD-2026-40142

Papermark through 0.22.0 contains a cross-origin resource sharing CORS misconfiguration vulnerability that allows unauthenticated remote attackers to perform credentialed cross-origin requests by exploiting the TUS-based viewer upload endpoint reflecting arbitrary request Origins with...

4.7CVSS6AI score0.0025EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/29 5:23 p.m.40 views

CVE-2026-57957 Papermark 0.22.0 - CORS Misconfiguration in Viewer Upload Endpoint

Papermark through 0.22.0 contains a cross-origin resource sharing CORS misconfiguration vulnerability that allows unauthenticated remote attackers to perform credentialed cross-origin requests by exploiting the TUS-based viewer upload endpoint reflecting arbitrary request Origins with...

4.7CVSS0.0025EPSS
Exploits0References3
CVE
CVE
added 2026/06/21 1:26 p.m.20 views

CVE-2026-56299

CVE-2026-56299 (Capgo) affects Capgo prior to 12.128.2. An authentication bypass in the /build/upload/:jobId/* endpoint allows unauthenticated remote attackers to trigger repeated 500 errors by sending OPTIONS requests, bypassing authentication middleware and invoking tusProxy logic with invalid ...

6.9CVSS5.9AI score0.00391EPSS
Exploits0References2
OSV
OSV
added 2026/06/21 1:26 p.m.3 views

CVE-2026-56299 Capgo - Denial of Service via Unauthenticated OPTIONS Request to /build/upload Endpoint

Capgo before 12.128.2 contains an authentication bypass vulnerability in the /build/upload/:jobId/ endpoint that allows unauthenticated attackers to trigger consistent 500 errors. Remote attackers can send OPTIONS requests to bypass authentication middleware and invoke tusProxy logic with invalid...

6.9CVSS6AI score0.00391EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.22 views

PT-2026-49067

Name of the Vulnerable Software and Affected Versions File Browser affected versions not specified Description File Browser fails to properly validate symbolic links, allowing scoped users or unauthenticated public-share recipients to access files outside their intended directory boundaries. Whil...

7.5CVSS5.3AI score0.0046EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.11 views

PsiTransfer 路径遍历漏洞

PsiTransfer is a simple, self-hosted file sharing solution developed by Christoph Wiechert. Versions of PsiTransfer prior to 2.4.3 contained a path traversal vulnerability. This vulnerability stemmed from the PATCH upload process, which validated the encoded request paths, but the downstream TUS...

7.5CVSS6.1AI score0.00307EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/13 2:0 a.m.4 views

CVE-2026-6150

A vulnerability has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /checkupdatestatus.php. The manipulation of the argument serviceId leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to t...

5.3CVSS4.3AI score0.00263EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/04/06 9:33 p.m.15 views

CVE-2026-35412 Directus has a TUS Upload Authorization Bypass Allows Arbitrary File Overwrite

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

7.1CVSS0.00302EPSS
Exploits0References1
OSV
OSV
added 2026/04/06 9:33 p.m.2 views

CVE-2026-35412 Directus has a TUS Upload Authorization Bypass Allows Arbitrary File Overwrite

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.16.1, Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

7.1CVSS6.1AI score0.00302EPSS
Exploits0References3
CVE
CVE
added 2026/04/06 9:33 p.m.17 views

CVE-2026-35412

Directus prior to 11.16.1 is vulnerable to an authorization bypass in the TUS resumable upload endpoint (/files/tus). The TUS controller only performs collection-level authorization on directus_files and does not validate item-level access for the target file, allowing any authenticated user with...

8.1CVSS6.1AI score0.00302EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/04 12:0 a.m.7 views

PT-2026-30329

Name of the Vulnerable Software and Affected Versions Directus versions prior to 11.16.1 Description Directus' TUS resumable upload endpoint /files/tus allows any authenticated user with basic file upload permissions to overwrite arbitrary existing files by UUID. The TUS controller performs only...

7.1CVSS6AI score0.00302EPSS
Exploits0References4
OSV
OSV
added 2026/03/26 8:32 p.m.7 views

GO-2026-4713 File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely in github.com/filebrowser/filebrowser

File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely in github.com/filebrowser/filebrowser...

8.1CVSS5.9AI score0.01903EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/03/25 12:25 a.m.5 views

SUSE CVE-2026-29188

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.1, a broken access control vulnerability in the TUS protocol DELETE endpoint allows authenticated users with only Create...

9.1CVSS5.8AI score0.00487EPSS
Exploits1References3
CNNVD
CNNVD
added 2026/03/20 12:0 a.m.8 views

File Browser 输入验证错误漏洞

File Browser is an open-source file management interface developed by File Browser. It allows for the uploading, deletion, previewing, and editing of files within a specified directory. Versions of File Browser 2.61.2 and earlier contained a vulnerability related to input validation errors. This...

8.1CVSS6.4AI score0.01903EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/19 11:31 p.m.23 views

CVE-2026-32759 File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions on the 2.x branch prior to 2.33.8, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating th...

5.3CVSS0.01903EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/03/19 11:31 p.m.6 views

CVE-2026-32759

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions 2.61.2 and below, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating that the value is...

5.3CVSS5.9AI score0.01903EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/19 11:31 p.m.2 views

CVE-2026-32759 File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions on the 2.x branch prior to 2.33.8, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating th...

5.3CVSS6.4AI score0.01903EPSS
Exploits1References2
OSV
OSV
added 2026/03/19 11:31 p.m.4 views

CVE-2026-32759 File Browser TUS Negative Upload-Length Fires Post-Upload Hooks Prematurely

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. In versions on the 2.x branch prior to 2.33.8, the TUS resumable upload handler parses the Upload-Length header as a signed 64-bit integer without validating th...

5.3CVSS6.6AI score0.01903EPSS
Exploits1References4
Snyk
Snyk
added 2026/03/16 8:43 p.m.6 views

Integer Overflow or Wraparound

Overview Affected versions of this package are vulnerable to Integer Overflow or Wraparound via the getUploadLength function. An attacker can repeatedly trigger post-upload hooks with arbitrary filenames and empty file contents by supplying a negative value in the Upload-Length header during a TU...

8.1CVSS6.6AI score0.01903EPSS
Exploits1References2
Rows per page
Query Builder