Filtered by vendor Amazing Little Picture Poll Subscriptions
Filtered by product Amazing Little Picture Poll Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2006-4653 2 Amazing Little Picture Poll, Amazing Little Poll 2 Amazing Little Picture Poll, Amazing Little Poll 2024-11-21 N/A
(1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request for the lp_settings file (lp_settings.inc or lp_settings.php).
CVE-2006-4652 2 Amazing Little Picture Poll, Amazing Little Poll 2 Amazing Little Picture Poll, Amazing Little Poll 2024-11-21 N/A
(1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of "dsapoll", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php.