CVE-2014-2865
PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to bypass intended access restrictions via a '\0' character, as demonstrated by using this character within a pathname on the drive containing the web root directory of a ColdFusion installation.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0034 (0.3%)
Percentil: 57.0%
EPSS: 2026-05-06
Afecta
paperthin:commonspot_content_serverDescripción técnica
PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to bypass intended access restrictions via a '\0' character, as demonstrated by using this character within a pathname on the drive containing the web root directory of a ColdFusion installation.
Publicada: 15/4/2014, 23:13:17
Última modificación: 6/5/2026, 22:30:45