CVE-2006-0644

Name of the Vulnerable Software and Affected Versions CPG-Nuke Dragonfly CMS version 9.0.6.1

Description The issue concerns directory traversal vulnerabilities in the install.php file. Remote attackers can include and execute arbitrary local files using directory traversal sequences and a NUL (%00) character in the newlang parameter and the installlang parameter in a cookie. This can be exploited to insert malicious code into a log file or to upload a malicious .png file, which is then included using install.php.

Recommendations For CPG-Nuke Dragonfly CMS version 9.0.6.1, consider restricting access to the install.php file and avoid using the newlang and installlang parameters in cookies until a patch is available. As a temporary workaround, restrict the ability to upload files, especially .png files, to minimize the risk of exploitation.