Multiple PHP remote file inclusion vulnerabilities in Campsite 3.3.0 RC1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[g_campsiteDir] parameter to (1) ad_popup.php, (2) camp_html.php, (3) init_content.php, (4) logout.php, (5) menu.php, and (6) set-author.php in admin-files/; (7) conf/liveuser_configuration.php; (8) include/phorum_load.php; (9) CommandProcessor.php and (10) index.php in admin-files/article_import; and (11) add.php, (12) add_move.php, (13) autopublish.php, and (14) autopublish_del.php in admin-files/articles/.
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2009-06-23T21:21:00

Updated: 2024-08-07T05:44:55.290Z

Reserved: 2009-06-23T00:00:00

Link: CVE-2009-2182

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2009-06-23T21:30:00.500

Modified: 2024-11-21T01:04:18.847

Link: CVE-2009-2182

cve-icon Redhat

No data.