Multiple vulnerabilities have been identified in Campware Campsite, which could be exploited by attackers to execute arbitrary commands. These flaws are due to input validation errors in the "implementation/management/priv/bugreporter/thankyou.php" and "implementation/management/priv/feedback/thankyou.php" scripts that do not validate the "g_documentRoot" parameter, which could be exploited by remote attackers to include malicious scripts and execute arbitrary commands with the privileges of the web server.
Vulnerable Products
Vulnerable Software: Campware Campsite version 2.6.2 and prior
