Amazing Little Picture Poll : Security Vulnerabilities, CVEs,
(1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of "dsapoll", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php.
Max CVSS
7.5
EPSS Score
1.17%
Published
2006-09-09
Updated
2018-10-17
(1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request for the lp_settings file (lp_settings.inc or lp_settings.php).
Max CVSS
5.0
EPSS Score
0.91%
Published
2006-09-09
Updated
2018-10-17
2 vulnerabilities found