Commonspot Content Server Security Vulnerabilities and Issues — Commonspot Content Server CVE List

Lucene search

PaperthinCommonspot Content Server

3 matches found

CVE•added 2014/04/15 11:13 p.m.•42 views

CVE-2014-2868

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to modify the flow of execution of ColdFusion code by using an HTTP GET request to set a ColdFusion variable.

7.5CVSS7.2AI score0.01342EPSS

CVE•added 2014/04/15 11:13 p.m.•40 views

CVE-2014-2859

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to bypass intended access restrictions via a direct request.

7.5CVSS6.9AI score0.00345EPSS

CVE•added 2014/04/15 11:13 p.m.•36 views

CVE-2014-2865

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to bypass intended access restrictions via a '\0' character, as demonstrated by using this character within a pathname on the drive containing the web root directory of a ColdFusion installation.

7.5CVSS6.9AI score0.00345EPSS