CVE-2006-5911 Information
Description
Multiple PHP remote file inclusion vulnerabilities in Campware Campsite before 2.6.2 allow remote attackers to execute arbitrary PHP code via a URL in the g_documentRoot parameter to (1) Alias.php, (2) Article.php, (3) ArticleAttachment.php, (4) ArticleComment.php, (5) ArticleData.php, (6) ArticleImage.php, (7) ArticleIndex.php, (8) ArticlePublish.php, (9) ArticleTopic.php, (10) ArticleType.php, (11) ArticleTypeField.php, (12) Attachment.php, (13) Country.php, (14) DatabaseObject.php, (15) Event.php, (16) IPAccess.php, (17) Image.php, (18) Issue.php, (19) IssuePublish.php, (20) Language.php, (21) Log.php, (22) LoginAttempts.php, (23) Publication.php, (24) Section.php, (25) ShortURL.php, (26) Subscription.php, (27) SubscriptionDefaultTime.php, (28) SubscriptionSection.php, (29) SystemPref.php, (30) Template.php, (31) TimeUnit.php, (32) Topic.php, (33) UrlType.php, (34) User.php, and (35) UserType.php in implementation/management/classes/; (36) configuration.php and (37) db_connect.php in implementation/management/; and (38) LocalizerConfig.php and (39) LocalizerLanguage.php in implementation/management/priv/localizer/.
Reference
http://code.campware.org/projects/campsite/changeset/6057
http://code.campware.org/projects/campsite/changeset/6058
http://code.campware.org/projects/campsite/query?milestone=2.6.2
http://code.campware.org/projects/campsite/ticket/2349
http://sourceforge.net/project/shownotes.php?release_id=459574&group_id=66936
http://www.osvdb.org/34187
http://www.osvdb.org/34188
http://www.osvdb.org/34189
http://www.osvdb.org/34190
http://www.osvdb.org/34191
http://www.osvdb.org/34192
http://www.osvdb.org/34193
http://www.osvdb.org/34194
http://www.osvdb.org/34195
http://www.osvdb.org/34196
http://www.osvdb.org/34197
http://www.osvdb.org/34198
http://www.osvdb.org/34199
http://www.osvdb.org/34200
http://www.osvdb.org/34201
http://www.osvdb.org/34202
http://www.osvdb.org/34203
http://www.osvdb.org/34204
http://www.osvdb.org/34205
http://www.osvdb.org/34206
http://www.osvdb.org/34207
http://www.osvdb.org/34208
http://www.osvdb.org/34209
http://www.osvdb.org/34210
http://www.osvdb.org/34211
http://www.osvdb.org/34212
http://www.osvdb.org/34213
http://www.osvdb.org/34214
http://www.osvdb.org/34215
http://www.osvdb.org/34216
http://www.osvdb.org/34217
http://www.osvdb.org/34218
http://www.osvdb.org/34219
http://www.osvdb.org/34220
http://www.osvdb.org/34221
http://www.osvdb.org/34222
http://www.osvdb.org/34223
http://www.osvdb.org/34224
http://www.osvdb.org/34225
http://www.securityfocus.com/bid/23874