CVE Vulnerabilities

CVE-2002-1886

Published: Dec 31, 2002 | Modified: Apr 03, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

TightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password.

Affected Software

Name Vendor Start Version End Version
Tightauction Tightauction 3.0 (including) 3.0 (including)

References