Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Campsite Security Vulnerabilities

cve
cve

CVE-2005-4661

The notifyendsubs cron job in Campsite before 2.3.3 sends an e-mail message containing a certain unencrypted MySQL password, which allows remote attackers to sniff the password.

7AI Score

0.007EPSS

2006-01-16 09:00 PM
20
cve
cve

CVE-2006-5910

Multiple PHP remote file inclusion vulnerabilities in Campware Campsite before 20061110 allow remote attackers to execute arbitrary PHP code via a URL in the g_documentRoot parameter to (1) bugreporter/thankyou.php and (2) feedback/thankyou.php in implementation/management/priv/.

8AI Score

0.03EPSS

2006-11-15 03:07 PM
22
cve
cve

CVE-2006-5911

Multiple PHP remote file inclusion vulnerabilities in Campware Campsite before 2.6.2 allow remote attackers to execute arbitrary PHP code via a URL in the g_documentRoot parameter to (1) Alias.php, (2) Article.php, (3) ArticleAttachment.php, (4) ArticleComment.php, (5) ArticleData.php, (6) ArticleI...

8AI Score

0.176EPSS

2006-11-15 03:07 PM
18
cve
cve

CVE-2006-5912

Unspecified vulnerability in Campware Campsite before 2.6.2 has unknown impact and attack vectors, related to a "Security fix for you-know-what," possibly related to encrypted passwords.

7.1AI Score

0.003EPSS

2022-10-03 04:21 PM
20
cve
cve

CVE-2009-2181

Cross-site scripting (XSS) vulnerability in admin-files/templates/list_dir.php in Campsite 3.3.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the listbasedir parameter.

5.8AI Score

0.001EPSS

2009-06-23 09:30 PM
29
cve
cve

CVE-2009-2182

Multiple PHP remote file inclusion vulnerabilities in Campsite 3.3.0 RC1 allow remote attackers to execute arbitrary PHP code via a URL in the GLOBALS[g_campsiteDir] parameter to (1) ad_popup.php, (2) camp_html.php, (3) init_content.php, (4) logout.php, (5) menu.php, and (6) set-author.php in admin...

7.8AI Score

0.005EPSS

2009-06-23 09:30 PM
25
cve
cve

CVE-2009-2183

Directory traversal vulnerability in admin-files/ad.php in Campsite 3.3.0 RC1 allows remote attackers to read and possibly execute arbitrary local files via a .. (dot dot) in the GLOBALS[g_campsiteDir] parameter.

7.3AI Score

0.005EPSS

2009-06-23 09:30 PM
25
cve
cve

CVE-2010-1867

SQL injection vulnerability in the ArticleAttachment::GetAttachmentsByArticleNumber method in javascript/tinymcs/plugins/campsiteattachment/attachments.php in Campsite 3.3.5 and earlier allows remote attackers to execute arbitrary SQL commands via the article_id parameter.

8.5AI Score

0.003EPSS

2010-05-07 11:00 PM
29
cve
cve

CVE-2010-4973

Cross-site scripting (XSS) vulnerability in the search feature in Campsite 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the f_search_keywords parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

5.7AI Score

0.001EPSS

2022-10-03 04:21 PM
16