2 matches found
CVE-2006-0644
Multiple directory traversal vulnerabilities in install.php in CPG-Nuke Dragonfly CMS aka CPG Dragonfly CMS 9.0.6.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL %00 character in 1 the newlang parameter and 2 the installlang...
CVE-2006-0644
Dragonfly CMS (CPG-Nuke) 9.0.6.1 contains multiple directory traversal vulnerabilities in install.php that allow remote attackers to include and execute arbitrary local files. The issue arises from insufficient validation of the newlang parameter and the installlang cookie, which can be exploited...