CVE-2006-5911

Vulnerability Description

Multiple PHP remote file inclusion vulnerabilities in Campware Campsite before 2.6.2 allow remote attackers to execute arbitrary PHP code via a URL in the g_documentRoot parameter to (1) Alias.php, (2) Article.php, (3) ArticleAttachment.php, (4) ArticleComment.php, (5) ArticleData.php, (6) ArticleImage.php, (7) ArticleIndex.php, (8) ArticlePublish.php, (9) ArticleTopic.php, (10) ArticleType.php, (11) ArticleTypeField.php, (12) Attachment.php, (13) Country.php, (14) DatabaseObject.php, (15) Event.php, (16) IPAccess.php, (17) Image.php, (18) Issue.php, (19) IssuePublish.php, (20) Language.php, (21) Log.php, (22) LoginAttempts.php, (23) Publication.php, (24) Section.php, (25) ShortURL.php, (26) Subscription.php, (27) SubscriptionDefaultTime.php, (28) SubscriptionSection.php, (29) SystemPref.php, (30) Template.php, (31) TimeUnit.php, (32) Topic.php, (33) UrlType.php, (34) User.php, and (35) UserType.php in implementation/management/classes/; (36) configuration.php and (37) db_connect.php in implementation/management/; and (38) LocalizerConfig.php and (39) LocalizerLanguage.php in implementation/management/priv/localizer/.

CVSS Score

Affected Products

References

• http://code.campware.org/projects/campsite/changeset/6057Patch
• http://code.campware.org/projects/campsite/changeset/6058Patch
• http://code.campware.org/projects/campsite/query?milestone=2.6.2
• http://code.campware.org/projects/campsite/ticket/2349
• http://sourceforge.net/project/shownotes.php?release_id=459574&group_id=66936Patch
• http://www.osvdb.org/34187
• http://www.osvdb.org/34188
• http://www.osvdb.org/34189
• http://www.osvdb.org/34190
• http://www.osvdb.org/34191
• http://www.osvdb.org/34192
• http://www.osvdb.org/34193
• http://www.osvdb.org/34194
• http://www.osvdb.org/34195
• http://www.osvdb.org/34196