Allaire: >> Spectra >> 1.0 Security Vulnerabilities
The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-method that is added to the container object with a publishing rule.
CVSS Score
2.1
EPSS Score
0.001
Published
2000-04-24
The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs.
CVSS Score
4.6
EPSS Score
0.001
Published
2000-01-04
The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL.
CVSS Score
5.0
EPSS Score
0.007
Published
2000-01-04
The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 allows users to bypass authentication via the bAuthenticated parameter.
CVSS Score
7.5
EPSS Score
0.005
Published
2000-01-01