6 matches found
EUVD-2006-3072
Malware in sbrugna...
pictureDis.txt
PictureDis Products "lang" Parameter File Inclusion Vulnerability ================================================= Input passed to the "lang" parameter in thumstbl.php, wpfiles.php, and wallpapr.php is not properly verified before being used to include files. This can be exploited to execute...
CVE-2006-3075
Multiple PHP remote file inclusion vulnerabilities in PictureDis Professional 1.33 Build 234 and earlier and PictureDis Photoalbum 4.82 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to files in photoalbum/ including 1 thumstbl.php, 2 wpfiles.php,...
CVE-2006-3075
CVE-2006-3075 involves multiple PHP remote file inclusion vulnerabilities in PictureDis Professional (versions up to 1.33 Build 234) and PictureDis Photoalbum (up to 4.82). The underlying issue is that the lang parameter used to select files within photoalbum/ (specifically thumstbl.php, wpfiles....
CVE-2006-3075
Multiple PHP remote file inclusion vulnerabilities in PictureDis Professional 1.33 Build 234 and earlier and PictureDis Photoalbum 4.82 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to files in photoalbum/ including 1 thumstbl.php, 2 wpfiles.php,...
PictureDis Products "lang" Parameter File Inclusion Vulnerability
PictureDis Products "lang" Parameter File Inclusion Vulnerability ================================================= Input passed to the "lang" parameter in thumstbl.php, wpfiles.php, and wallpapr.php is not properly verified before being used to include files. This can be exploited to execute...