CVE-2006-5910

Name of the Vulnerable Software and Affected Versions Campsite versions prior to 20061110

Description The issue allows remote attackers to execute arbitrary PHP code via a URL in the g documentRoot parameter to API endpoints such as "/bugreporter/thankyou.php" and "/feedback/thankyou.php" in the "implementation/management/priv/" directory.

Recommendations For versions prior to 20061110, consider restricting access to the vulnerable API endpoints "/bugreporter/thankyou.php" and "/feedback/thankyou.php" until a patch is available. Avoid using the g documentRoot parameter in these endpoints to minimize the risk of exploitation.