Unrated severityNVD Advisory· Published Dec 4, 2006· Updated Jun 16, 2026
CVE-2006-6254
CVE-2006-6254
Description
administration/telecharger.php in Cahier de texte 2.0 allows remote attackers to obtain unparsed content (source code) of files via the chemin parameter, as demonstrated using directory traversal sequences to obtain the MySQL username and password from conn_cahier_de_texte.php. NOTE: it is not clear whether the scope of this issue extends above the web document root, and whether directory traversal is the primary vulnerability.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:cahier_de_textes:cahier_de_textes:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cahier_de_textes:cahier_de_textes:*:*:*:*:*:*:*:*range: <=2.2
- cpe:2.3:a:cahier_de_textes:cahier_de_textes:2.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.