CyberSec.Space Logo
Back to CVE Browser

CVE-2014-2863

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0000%
EPSS Percentile1.09th
PublishedApr 15, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

Multiple absolute path traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to have an unspecified impact via a full pathname in a parameter.

Affected Platforms (CPE)

πŸ“¦
Paperthin

Commonspot Content Server

<= 7.0.1
πŸ“¦
Paperthin

Commonspot Content Server

= 8.0.0
πŸ“¦
Paperthin

Commonspot Content Server

= 8.0.1
πŸ“¦
Paperthin

Commonspot Content Server

= 8.0.2

References & Advisories

πŸ”— http://www.kb.cert.org/vuls/id/437385
πŸ”— http://www.kb.cert.org/vuls/id/437385

Related Vulnerabilities

CVE-2005-45755.0

PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg p...

CVE-2005-45744.3

Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attack...

CVE-2010-04684.3

Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in PaperThin CommonSpot Content Server allows remote attackers ...

CVE-2014-052410.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...