CPG Dragonfly: code execution attempt using the install.php script
Description
Using the install.php script and the newlang parameter, an attacker could inject PHP code and execute it on the server.
Default
configuration
Profiles
High
Medium
Low
Internet
Action
Block
Block
Block
Block
Alarm Level
Major
Minor
Minor
Major
References
Available since
ASQ v3.2.0
Protects
CPG Dragonfly CMS Multiple Module Cross Site Scripting Vulnerabilities
100 last CVE
CVE-2006-1033
CVE-2006-0727
CVE-2006-0726
Risk level
Moderate
