Campsite 'g_campsiteDir' Remote and Local File Inclusion Vulnerabilities

Summary
This host is running Campsite and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow attacker to execute arbitrary local files, and cause XSS attack, Directory Traversal attack and remote File Injection attack on the affected application. Impact Level: Application
Solution
Upgrade to Campsite version 3.3.6 or later For updates refer to http://campware.org/
Insight
The multiple flaws are due to, - Input validation errors in the 'admin-files','conf/liveuser_configuration.php' 'include/phorum_load.php',scripts when processing the 'g_campsiteDir' parameter. - Input validation error in the 'admin-files/templates/list_dir.php' script when,processing the 'listbasedir' parameter.
Affected
Campware, Campsite version 3.3.0 RC1 and prior
References