TightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:23:48
Updated: 2022-10-03T16:23:48
Reserved: 2022-10-03T00:00:00
Link: CVE-2002-1886
JSON object: View
NVD Information
Status : Analyzed
Published: 2002-12-31T05:00:00.000
Modified: 2008-09-05T20:31:46.153
Link: CVE-2002-1886
JSON object: View
Redhat Information
No data.
CWE