Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paperthin commonspot content server 8.0.1 vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2014-2859
PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allows remote malicious users to bypass intended access restrictions via a direct request.
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
578
VMScore
CVE-2014-2862
PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 does not check authorization in unspecified situations, which allows remote authenticated users to perform actions via unknown vectors.
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.0
890
VMScore
CVE-2014-2864
Multiple directory traversal vulnerabilities in PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allow remote malicious users to have an unspecified impact via a filename parameter containing directory traversal sequences.
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.1
668
VMScore
CVE-2014-2865
PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allows remote malicious users to bypass intended access restrictions via a '\0' character, as demonstrated by using this character within a pathname on the drive containing the web root directory of a ColdFusion...
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
890
VMScore
CVE-2014-2867
Unrestricted file upload vulnerability in PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allows remote malicious users to execute arbitrary code by uploading a ColdFusion page, and then accessing it via unspecified vectors.
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
445
VMScore
CVE-2014-2869
PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allows remote malicious users to obtain sensitive information via requests to unspecified URIs, as demonstrated by pathname, SQL server, e-mail address, and IP address information.
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
445
VMScore
CVE-2014-2871
PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 relies on an HTTP session for entering credentials on login pages, which allows remote malicious users to obtain sensitive information by sniffing the network.
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.0
445
VMScore
CVE-2014-2873
PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 does not require authentication for access to log files, which allows remote malicious users to obtain sensitive server information by using a predictable name in a request for a file.
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.0
383
VMScore
CVE-2014-2860
Multiple cross-site scripting (XSS) vulnerabilities in PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allow remote malicious users to inject arbitrary web script or HTML via a crafted HTTP request to a (1) ColdFusion or (2) JavaScript component.
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.1
890
VMScore
CVE-2014-2863
Multiple absolute path traversal vulnerabilities in PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allow remote malicious users to have an unspecified impact via a full pathname in a parameter.
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »