CVE-2014-2867

2014-04-15T23:13:00
ID CVE-2014-2867
Type cve
Reporter cve@mitre.org
Modified 2014-04-16T14:26:00

Description

Unrestricted file upload vulnerability in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to execute arbitrary code by uploading a ColdFusion page, and then accessing it via unspecified vectors. Per: http://cwe.mitre.org/data/definitions/434.html "CWE-434: Unrestricted Upload of File with Dangerous Type"