Bug Report

GoCampr/Campr Update

Campr is a Belgian startup which looks like Airbnb but for campers. The application is for people who are looking for a camping spot. They also compare this platform with CouchSurfing they call it the outdoor CouchSurfing experience.

Their goal is to bring you the most pleasant experience while camping. You can search for a destination, contact a host and book with this host.

If you are enchanted by this platform you can visit it on:
https://www.gocampr.com/

and they also have launched a Facebook group (which seems unavailable on this moment):
https://www.facebook.com/groups/7620504038765

Now Campr has some design issues although not a real severity. They’ve already written on their blog that Campr isn’t perfect.

The thing is they say the following:

To do this, we listen to our users and use their feedback. Don’t hold back and share your thoughts!

I’ve given them my feedback on how to change something that has a big impact on the site.

The ‘bug’:

they allow every user to upload any file with any extension on their server. Great job on being a secret file server.
Think about someone who wants to spread Malware on your good name.

Proof of concept:

Url of concept:

https://www.gocampr.com/images/users:55302895108f8436368ad066/poc.pdf

This bug is still working from this day on

Reported multiple times:

  • April (2 times via contact page)
  • May (2 times: via twitter and via contact page)

I find it rather strange than normal that a young start-up like this doesn’t want to listen/respond to this free advice. I hate how ignorant people sometimes are, even when they have the solution right in front of them. I hope to make them aware of this issue.

If you want to build a community act as a community.


Update 9/06/15

updatedsystem

It seems that they have fixed this issue, thanks for listening Campr-Team!

2 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *