← CVECheck
HomeVulnerabilities

CVE-2002-1886 — MEDIUM severity vulnerability (TightAuction 3.0 stores config.inc under the web document ro)

TightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password.

CVE IDCVE-2002-1886
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWENVD-CWE-Other
StatusModified
Published2002-12-31
Last modified2026-04-16
DescriptionTightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →