2 matches found
CVE-2014-2865
PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to bypass intended access restrictions via a '\0' character, as demonstrated by using this character within a pathname on the drive containing the web root directory of a ColdFusion installation...
CVE-2014-2865
CVE-2014-2865 affects PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3. The vulnerability allows remote attackers to bypass intended access restrictions by using a NULL byte ('\0') in a pathname on the drive that contains the web root for a ColdFusion installation. The available documen...