CyberSec.Space Logo
Back to CVE Browser

CVE-2014-2864

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0220%
EPSS Percentile23.44th
PublishedApr 15, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

Multiple directory traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to have an unspecified impact via a filename parameter containing directory traversal sequences.

Affected Platforms (CPE)

πŸ“¦
Paperthin

Commonspot Content Server

<= 7.0.1
πŸ“¦
Paperthin

Commonspot Content Server

= 8.0.0
πŸ“¦
Paperthin

Commonspot Content Server

= 8.0.1
πŸ“¦
Paperthin

Commonspot Content Server

= 8.0.2

References & Advisories

πŸ”— http://www.kb.cert.org/vuls/id/437385
πŸ”— http://www.kb.cert.org/vuls/id/437385

Related Vulnerabilities

CVE-2005-45755.0

PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg p...

CVE-2005-45744.3

Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attack...

CVE-2010-04684.3

Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in PaperThin CommonSpot Content Server allows remote attackers ...

CVE-2014-052810.0

Double free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attac...