Описание
(1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request for the lp_settings file (lp_settings.inc or lp_settings.php).
Ссылки
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:amazing_little_picture_poll:amazing_little_picture_poll:*:*:*:*:*:*:*:*
cpe:2.3:a:amazing_little_poll:amazing_little_poll:*:*:*:*:*:*:*:*
EPSS
Процентиль: 67%
0.00527
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
(1) Amazing Little Poll and (2) Amazing Little Picture Poll store sensitive information under the web root with insufficient access control, which allows remote attackers to read the admin password via a direct request for the lp_settings file (lp_settings.inc or lp_settings.php).
EPSS
Процентиль: 67%
0.00527
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other