CVE-2006-0644

Exp

Multiple directory traversal vulnerabilities in install.php in CPG-Nuke Dragonfly CMS (aka CPG Dragonfly CMS) 9.0.6.1 allow remote attackers to include and execute arbitrary local files via directory traversal sequences and a NUL (%00) character in (1) the newlang parameter and (2) the installlang parameter in a cookie, as demonstrated by using error.php to insert malicious code into a log file, or uploading a malicious .png file, which is then included using install.php.

Published: 2006-02-10 Last update: 2026-06-16 Assigner: [email protected] Source: [email protected]

Conclusion & alert: CVE-2006-0644 is rated High Exploit Risk (74.2/100): CVSS High severity, with high exploitation likelihood (EPSS 8.25%, 94th percentile). Core evidence: 3 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2006-0644

EDB-ID Source Kind Published Link
1478 exploit_db edb 2006-02-08 Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗
nvd_ref exploit_tag Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2006-0644

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

# Date Old EPSS score New EPSS score Delta (New - Old)
1 2026-06-15 11.98% 8.25% -3.72%
2 2025-10-17 10.95% 11.98% +1.02%
3 2025-03-30 10.95%

Full EPSS history (10 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2006-0644

CVSS metrics for this CVE.

Base score Version Severity Vector Exploitability Impact Score source
7.5 2.0 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P Click to expand
Access vector (AV:N)
Can be exploited remotely over network reachability.
Access complexity (AC:L)
Exploitation conditions are straightforward and predictable.
Authentication (AU:N)
No authentication is required.
Confidentiality impact (C:P)
Partial confidentiality impact.
Integrity impact (I:P)
Partial integrity impact.
Availability impact (A:P)
Partial availability impact.
10.0 6.4 [email protected]

Weakness enumeration for CVE-2006-0644

Affected software / configurations for CVE-2006-0644

Vendor Product Version Raw CPE
cpg-nuke dragonfly_cms 9.0.6_.1 cpe:2.3:a:cpg-nuke:dragonfly_cms:9.0.6_.1:*:*:*:*:*:*:*

References for CVE-2006-0644

cvelogic Threat Intelligence