Search

Find a vulnerability

Search criteria

    4 vulnerabilities by amazing_little_poll

    CVE-2006-4653 (GCVE-0-2006-4653)

    Vulnerability from nvd – Published: 2006-09-09 00:00 – Updated: 2024-08-07 19:23
    VLAI
    Summary
    (1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request for the lp_settings file (lp_settings.inc or lp_settings.php).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/19837 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/445081/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/1527 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/21997 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/3687 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:23:40.448Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "19837",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19837"
              },
              {
                "name": "20060904 The Amazing Little Poll Admin Pwd",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445081/100/0/threaded"
              },
              {
                "name": "1527",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1527"
              },
              {
                "name": "21997",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21997"
              },
              {
                "name": "ADV-2006-3687",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3687"
              },
              {
                "name": "alpoll-admin-auth-bypass(28737)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28737"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "(1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request for the lp_settings file (lp_settings.inc or lp_settings.php)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "19837",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19837"
            },
            {
              "name": "20060904 The Amazing Little Poll Admin Pwd",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445081/100/0/threaded"
            },
            {
              "name": "1527",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1527"
            },
            {
              "name": "21997",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21997"
            },
            {
              "name": "ADV-2006-3687",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3687"
            },
            {
              "name": "alpoll-admin-auth-bypass(28737)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28737"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4653",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "(1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request for the lp_settings file (lp_settings.inc or lp_settings.php)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "19837",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19837"
                },
                {
                  "name": "20060904 The Amazing Little Poll Admin Pwd",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445081/100/0/threaded"
                },
                {
                  "name": "1527",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1527"
                },
                {
                  "name": "21997",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21997"
                },
                {
                  "name": "ADV-2006-3687",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3687"
                },
                {
                  "name": "alpoll-admin-auth-bypass(28737)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28737"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4653",
        "datePublished": "2006-09-09T00:00:00.000Z",
        "dateReserved": "2006-09-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:23:40.448Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4652 (GCVE-0-2006-4652)

    Vulnerability from nvd – Published: 2006-09-09 00:00 – Updated: 2024-08-07 19:23
    VLAI
    Summary
    (1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of "dsapoll", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/19837 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/445081/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/1527 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:23:40.505Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "19837",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19837"
              },
              {
                "name": "20060904 The Amazing Little Poll Admin Pwd",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445081/100/0/threaded"
              },
              {
                "name": "1527",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1527"
              },
              {
                "name": "alpoll-admin-auth-bypass(28737)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28737"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "(1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of \"dsapoll\", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "19837",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19837"
            },
            {
              "name": "20060904 The Amazing Little Poll Admin Pwd",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445081/100/0/threaded"
            },
            {
              "name": "1527",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1527"
            },
            {
              "name": "alpoll-admin-auth-bypass(28737)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28737"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4652",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "(1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of \"dsapoll\", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "19837",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19837"
                },
                {
                  "name": "20060904 The Amazing Little Poll Admin Pwd",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445081/100/0/threaded"
                },
                {
                  "name": "1527",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1527"
                },
                {
                  "name": "alpoll-admin-auth-bypass(28737)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28737"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4652",
        "datePublished": "2006-09-09T00:00:00.000Z",
        "dateReserved": "2006-09-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:23:40.505Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4653 (GCVE-0-2006-4653)

    Vulnerability from cvelistv5 – Published: 2006-09-09 00:00 – Updated: 2024-08-07 19:23
    VLAI
    Summary
    (1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request for the lp_settings file (lp_settings.inc or lp_settings.php).
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/19837 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/445081/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/1527 third-party-advisoryx_refsource_SREASON
    http://secunia.com/advisories/21997 third-party-advisoryx_refsource_SECUNIA
    http://www.vupen.com/english/advisories/2006/3687 vdb-entryx_refsource_VUPEN
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:23:40.448Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "19837",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19837"
              },
              {
                "name": "20060904 The Amazing Little Poll Admin Pwd",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445081/100/0/threaded"
              },
              {
                "name": "1527",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1527"
              },
              {
                "name": "21997",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/21997"
              },
              {
                "name": "ADV-2006-3687",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3687"
              },
              {
                "name": "alpoll-admin-auth-bypass(28737)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28737"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "(1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request for the lp_settings file (lp_settings.inc or lp_settings.php)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "19837",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19837"
            },
            {
              "name": "20060904 The Amazing Little Poll Admin Pwd",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445081/100/0/threaded"
            },
            {
              "name": "1527",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1527"
            },
            {
              "name": "21997",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/21997"
            },
            {
              "name": "ADV-2006-3687",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3687"
            },
            {
              "name": "alpoll-admin-auth-bypass(28737)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28737"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4653",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "(1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request for the lp_settings file (lp_settings.inc or lp_settings.php)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "19837",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19837"
                },
                {
                  "name": "20060904 The Amazing Little Poll Admin Pwd",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445081/100/0/threaded"
                },
                {
                  "name": "1527",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1527"
                },
                {
                  "name": "21997",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/21997"
                },
                {
                  "name": "ADV-2006-3687",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3687"
                },
                {
                  "name": "alpoll-admin-auth-bypass(28737)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28737"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4653",
        "datePublished": "2006-09-09T00:00:00.000Z",
        "dateReserved": "2006-09-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:23:40.448Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2006-4652 (GCVE-0-2006-4652)

    Vulnerability from cvelistv5 – Published: 2006-09-09 00:00 – Updated: 2024-08-07 19:23
    VLAI
    Summary
    (1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of "dsapoll", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/19837 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/445081/100… mailing-listx_refsource_BUGTRAQ
    http://securityreason.com/securityalert/1527 third-party-advisoryx_refsource_SREASON
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2006-09-04 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T19:23:40.505Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "19837",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/19837"
              },
              {
                "name": "20060904 The Amazing Little Poll Admin Pwd",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/445081/100/0/threaded"
              },
              {
                "name": "1527",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/1527"
              },
              {
                "name": "alpoll-admin-auth-bypass(28737)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28737"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-09-04T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "(1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of \"dsapoll\", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "19837",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/19837"
            },
            {
              "name": "20060904 The Amazing Little Poll Admin Pwd",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/445081/100/0/threaded"
            },
            {
              "name": "1527",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/1527"
            },
            {
              "name": "alpoll-admin-auth-bypass(28737)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28737"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2006-4652",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "(1) Amazing Little Poll and (2) Amazing Little Picture Poll have a default password of \"dsapoll\", which allows remote attackers to create a new poll by entering default credentials via lp_admin.php."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "19837",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/19837"
                },
                {
                  "name": "20060904 The Amazing Little Poll Admin Pwd",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/445081/100/0/threaded"
                },
                {
                  "name": "1527",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/1527"
                },
                {
                  "name": "alpoll-admin-auth-bypass(28737)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/28737"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2006-4652",
        "datePublished": "2006-09-09T00:00:00.000Z",
        "dateReserved": "2006-09-08T00:00:00.000Z",
        "dateUpdated": "2024-08-07T19:23:40.505Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }