CVE-2006-4653

Name of the Vulnerable Software and Affected Versions Amazing Little Poll and Amazing Little Picture Poll (affected versions not specified)

Description The issue allows remote attackers to read the admin password via a direct request for the lp settings file, which can be either lp settings.inc or lp settings.php, due to insufficient access control. This occurs because sensitive information is stored under the web root.

Recommendations For Amazing Little Poll and Amazing Little Picture Poll, consider restricting access to the lp settings file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.