CVE-2008-6844

eZ Publish < 3.5.6 - Privilege Escalation via Registration Form Parameter Manipulation


Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-6844. PoCs published by s4avrd0w.

AI-analyzed exploit summary: This exploit leverages insufficient form handling in eZ Publish to create an admin account by sending a crafted POST request to the user registration endpoint. It bypasses authentication by manipulating form fields and UserID.

Description

The registration view (/user/register) in eZ Publish 3.5.6 and earlier, and possibly other versions before 3.9.5, 3.10.1, and 4.0.1, allows remote attackers to gain privileges as other users via modified ContentObjectAttribute_data_user_login_30, ContentObjectAttribute_data_user_password_30, and other parameters.

Exploits (1)

exploit-db (working PoC, verified)
by s4avrd0w · php · webapps
https://www.exploit-db.com/exploits/7406


Classification
Working PoC: 95%
Attack type: Auth bypass
Complexity: Trivial
Reliability: Reliable
Target: eZ Publish versions >= 3.5.6 and < 3.9.5, 3.10.1, 4.0.1
Authentication: none needed
Prerequisites: Target eZ Publish server URL · Valid email address for account activation
Analyzed by devstral-2 on Feb 16, 2026

References (5)

Core references
https://exchange.xforce.ibmcloud.com/vulnerabilities/47216 (Third Party Advisory, VDB Entry; vdb-entry, x_refsource_xf)
http://www.osvdb.org/52708 (Third Party Advisory, VDB Entry; vdb-entry, x_refsource_osvdb)
http://www.securityfocus.com/bid/32762 (Exploit; vdb-entry, x_refsource_bid)
https://www.exploit-db.com/exploits/7406 (Exploit, Third Party Advisory; exploit, x_refsource_exploit-db)

Scores

EPSS 0.0297
EPSS Percentile 85.5%

Details

CWE: CWE-264
Status: published
Products (24)
ez/ez_publish 3.4.8
ez/ez_publish 3.5.4
ez/ez_publish 3.5.5
ez/ez_publish 3.5.7
ez/ez_publish 3.5.8
ez/ez_publish 3.6.0
ez/ez_publish 3.6.1
ez/ez_publish 3.6.2
ez/ez_publish 3.6.3
ez/ez_publish 3.6.4
... and 14 more
Published: Jul 02, 2009
Tracked since: Feb 18, 2026