(1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request for the lp_settings file (lp_settings.inc or lp_settings.php).
References
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2006-09-09 00:04
Updated : 2024-02-28 10:42
NVD link : CVE-2006-4653
Mitre link : CVE-2006-4653
CVE.ORG link : CVE-2006-4653
JSON object : View
Products Affected
amazing_little_picture_poll
- amazing_little_picture_poll
amazing_little_poll
- amazing_little_poll
CWE