CyberSec.Space Logo
Back to CVE Browser

CVE-2014-2866

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1200%
EPSS Percentile14.48th
PublishedApr 15, 2014
Last ModifiedMay 6, 2026

Vulnerability Description

PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on client JavaScript code for access restrictions, which allows remote attackers to perform unspecified operations by modifying this code.

Affected Platforms (CPE)

πŸ“¦
Paperthin

Commonspot Content Server

<= 7.0.1
πŸ“¦
Paperthin

Commonspot Content Server

= 8.0.0
πŸ“¦
Paperthin

Commonspot Content Server

= 8.0.1
πŸ“¦
Paperthin

Commonspot Content Server

= 8.0.2

References & Advisories

πŸ”— http://www.kb.cert.org/vuls/id/437385
πŸ”— http://www.kb.cert.org/vuls/id/437385

Related Vulnerabilities

CVE-2005-45755.0

PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg p...

CVE-2005-45744.3

Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attack...

CVE-2010-04684.3

Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in PaperThin CommonSpot Content Server allows remote attackers ...

CVE-2014-052410.0

Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code...