CVE-2006-6849

Cahier de texte (CDT) 2.2 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-6849. PoCs published by DarkFig.

AI-analyzed exploit summary This exploit bypasses authentication in Cahier de texte V2.2 by leveraging improper session validation. It allows unauthorized access to the administration panel by crafting HTTP requests to bypass the session check for 'nom_prof'.

Description

administration/index.php in Cahier de texte (CDT) 2.2 does not properly exit when authentication fails, which allows remote attackers to perform unauthorized administrative actions.

Exploits (1)

exploitdb WORKING POC VERIFIED
by DarkFig · phpwebappsphp
https://www.exploit-db.com/exploits/3016

This exploit bypasses authentication in Cahier de texte V2.2 by leveraging improper session validation. It allows unauthorized access to the administration panel by crafting HTTP requests to bypass the session check for 'nom_prof'.

Classification
Working Poc 90%
Attack Type
Auth Bypass
Complexity
Trivial
Reliability
Reliable
Target: Cahier de texte V2.2
No auth needed
Prerequisites: Network access to the target application
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Exploit x_refsource_misc
http://acid-root.new.fr/poc/17061224.txt
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/455299/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/31132
Exploit, Third Party Advisory exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/3016

Scores

EPSS 0.0241
EPSS Percentile 82.0%

Details

Status published
Products (1)
cahier_de_textes/cahier_de_textes 2.2
Published Dec 31, 2006
Tracked Since Feb 18, 2026