CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2014-2864

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0220%
EPSS Percentile23.44th
Published2014年4月15日
Last Modified2026年5月6日

Vulnerability Description

Multiple directory traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to have an unspecified impact via a filename parameter containing directory traversal sequences.

Affected Platforms (CPE)

📦
Paperthin

Commonspot Content Server

<= 7.0.1
📦
Paperthin

Commonspot Content Server

= 8.0.0
📦
Paperthin

Commonspot Content Server

= 8.0.1
📦
Paperthin

Commonspot Content Server

= 8.0.2

References & Advisories

🔗 http://www.kb.cert.org/vuls/id/437385
🔗 http://www.kb.cert.org/vuls/id/437385

相關漏洞威脅

CVE-2005-45755.0

PaperThin CommonSpot Content Server 4.5 and earlier allow remote attackers to obtain sensitive information via an invalid errmsg p...

CVE-2005-45744.3

Cross-site scripting (XSS) vulnerability in loader.cfm in PaperThin CommonSpot Content Server 4.5 and earlier allows remote attack...

CVE-2010-04684.3

Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in PaperThin CommonSpot Content Server allows remote attackers ...

CVE-2014-718710.0

Off-by-one error in the read_token_word function in parse.y in GNU Bash through 4.3 bash43-026 allows remote attackers to cause a ...