Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
paperthin commonspot content server 8.0.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-2862
PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 does not check authorization in unspecified situations, which allows remote authenticated users to perform actions via unknown vectors.
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.0
NA
CVE-2014-2859
PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allows remote malicious users to bypass intended access restrictions via a direct request.
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
NA
CVE-2014-2864
Multiple directory traversal vulnerabilities in PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allow remote malicious users to have an unspecified impact via a filename parameter containing directory traversal sequences.
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.1
NA
CVE-2014-2865
PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allows remote malicious users to bypass intended access restrictions via a '\0' character, as demonstrated by using this character within a pathname on the drive containing the web root directory of a ColdFusion...
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
NA
CVE-2014-2868
PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allows remote malicious users to modify the flow of execution of ColdFusion code by using an HTTP GET request to set a ColdFusion variable.
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.0
NA
CVE-2014-2870
The default configuration of PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 uses cleartext for storage of credentials in a database, which makes it easier for context-dependent malicious users to obtain sensitive information via unspecified vectors.
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
NA
CVE-2014-2872
PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allows remote malicious users to obtain potentially sensitive information from a directory listing via unspecified vectors.
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.0
NA
CVE-2014-2860
Multiple cross-site scripting (XSS) vulnerabilities in PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allow remote malicious users to inject arbitrary web script or HTML via a crafted HTTP request to a (1) ColdFusion or (2) JavaScript component.
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.0
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.1
NA
CVE-2014-2861
Incomplete blacklist vulnerability in PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allows remote malicious users to conduct cross-site scripting (XSS) attacks via a crafted string, as demonstrated by bypassing a protection mechanism that removes only the "alert...
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.0
NA
CVE-2014-2863
Multiple absolute path traversal vulnerabilities in PaperThin CommonSpot prior to 7.0.2 and 8.x prior to 8.0.3 allow remote malicious users to have an unspecified impact via a full pathname in a parameter.
Paperthin Commonspot Content Server
Paperthin Commonspot Content Server 8.0.2
Paperthin Commonspot Content Server 8.0.1
Paperthin Commonspot Content Server 8.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »