PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to execute arbitrary code via shell metacharacters in an unspecified context.
Max CVSS
10.0
EPSS Score
0.32%
Published
2014-04-15
Updated
2014-04-16
Unrestricted file upload vulnerability in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to execute arbitrary code by uploading a ColdFusion page, and then accessing it via unspecified vectors.
Max CVSS
10.0
EPSS Score
0.28%
Published
2014-04-15
Updated
2014-04-16
PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 relies on client JavaScript code for access restrictions, which allows remote attackers to perform unspecified operations by modifying this code.
Max CVSS
10.0
EPSS Score
0.34%
Published
2014-04-15
Updated
2014-04-16
Multiple directory traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to have an unspecified impact via a filename parameter containing directory traversal sequences.
Max CVSS
10.0
EPSS Score
0.26%
Published
2014-04-15
Updated
2014-04-16
Multiple absolute path traversal vulnerabilities in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allow remote attackers to have an unspecified impact via a full pathname in a parameter.
Max CVSS
10.0
EPSS Score
0.26%
Published
2014-04-15
Updated
2014-04-16
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!