Unrated severityNVD Advisory· Published Apr 15, 2014· Updated Jun 17, 2026
CVE-2014-2867
CVE-2014-2867
Description
Unrestricted file upload vulnerability in PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to execute arbitrary code by uploading a ColdFusion page, and then accessing it via unspecified vectors.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
5cpe:2.3:a:paperthin:commonspot_content_server:*:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:a:paperthin:commonspot_content_server:*:*:*:*:*:*:*:*range: <=7.0.1
- cpe:2.3:a:paperthin:commonspot_content_server:8.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:paperthin:commonspot_content_server:8.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:paperthin:commonspot_content_server:8.0.2:*:*:*:*:*:*:*
- Range: <7.0.2, >=8.0 <8.0.3
Patches
Vulnerability mechanics
References
1- www.kb.cert.org/vuls/id/437385nvdUS Government Resource
News mentions
0No linked articles in our index yet.