CVE-2006-3075

2006-06-19T10:02:00
ID CVE-2006-3075
Type cve
Reporter cve@mitre.org
Modified 2018-10-18T16:45:00

Description

Multiple PHP remote file inclusion vulnerabilities in PictureDis Professional 1.33 Build 234 and earlier and PictureDis Photoalbum 4.82 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to files in photoalbum/ including (1) thumstbl.php, (2) wpfiles.php, and (3) wallpapr.php.