VYPR
Unrated severityNVD Advisory· Published Aug 31, 2006· Updated Jun 16, 2026

CVE-2006-4487

CVE-2006-4487

Description

DUware DUpoll 3.0 and 3.1 stores _private/Dupoll.mdb under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as usernames and passwords.

Affected products

3
  • Duware/Dupoll3 versions
    cpe:2.3:a:duware:dupoll:3.0:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:duware:dupoll:3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:duware:dupoll:3.1:*:*:*:*:*:*:*
    • (no CPE)range: <=3.1

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.