CVE-2006-5910

Campware Campsite - Remote File Inclusion via g_documentRoot Parameter

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-5910. PoCs published by Kw3[R]Ln.

AI-analyzed exploit summary This exploit demonstrates a remote file inclusion vulnerability in CampSite - BugReporter <= 2.6.1 due to unsanitized $g_documentRoot variable when register_globals is enabled. An attacker can inject a malicious PHP script via the thankyou.php URL parameter.

Description

Multiple PHP remote file inclusion vulnerabilities in Campware Campsite before 20061110 allow remote attackers to execute arbitrary PHP code via a URL in the g_documentRoot parameter to (1) bugreporter/thankyou.php and (2) feedback/thankyou.php in implementation/management/priv/.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Kw3[R]Ln · textwebappsphp
https://www.exploit-db.com/exploits/2560

This exploit demonstrates a remote file inclusion vulnerability in CampSite - BugReporter <= 2.6.1 due to unsanitized $g_documentRoot variable when register_globals is enabled. An attacker can inject a malicious PHP script via the thankyou.php URL parameter.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Trivial
Reliability
Reliable
Target: CampSite - BugReporter <= 2.6.1
No auth needed
Prerequisites: register_globals=on · remote file inclusion enabled
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (5)

Core 5
Core References
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/20519
Third Party Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2006/4776
Various Sources x_refsource_confirm
http://code.campware.org/projects/campsite/ticket/2363

Scores

EPSS 0.0255
EPSS Percentile 82.9%

Details

Status published
Products (2)
campware.org/campsite 2.6.0
campware.org/campsite 2.6.1
Published Nov 15, 2006
Tracked Since Feb 18, 2026