CVE-2014-2873
PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not require authentication for access to log files, which allows remote attackers to obtain sensitive server information by using a predictable name in a request for a file.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0032 (0.3%)
Percentil: 54.5%
EPSS: 2026-05-06
Afecta
paperthin:commonspot_content_serverDescripción técnica
PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not require authentication for access to log files, which allows remote attackers to obtain sensitive server information by using a predictable name in a request for a file.
Publicada: 15/4/2014, 23:13:17
Última modificación: 6/5/2026, 22:30:45