Unrated severityNVD Advisory· Published Jun 19, 2006· Updated Jun 16, 2026
CVE-2006-3075
CVE-2006-3075
Description
Multiple PHP remote file inclusion vulnerabilities in PictureDis Professional 1.33 Build 234 and earlier and PictureDis Photoalbum 4.82 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the lang parameter to files in photoalbum/ including (1) thumstbl.php, (2) wpfiles.php, and (3) wallpapr.php.
Affected products
4cpe:2.3:a:picturedis:picturedis_photoalbum:4.82:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:picturedis:picturedis_photoalbum:4.82:*:*:*:*:*:*:*
- (no CPE)range: <=4.82
cpe:2.3:a:picturedis:picturedis_professional:1.33_build_234:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:picturedis:picturedis_professional:1.33_build_234:*:*:*:*:*:*:*
- (no CPE)range: <=1.33 Build 234
Patches
Vulnerability mechanics
References
9- secunia.com/advisories/20656nvdVendor Advisory
- securitytracker.com/idnvd
- www.osvdb.org/26500nvd
- www.osvdb.org/26501nvd
- www.osvdb.org/26502nvd
- www.securityfocus.com/archive/1/437449/100/100/threadednvd
- www.securityfocus.com/bid/18471nvd
- www.vupen.com/english/advisories/2006/2352nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/27183nvd
News mentions
0No linked articles in our index yet.