← CVECheck
HomeVulnerabilities

CVE-2002-2389 — MEDIUM severity vulnerability (TheServer 1.74 web server stores server.ini under the web do)

TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files.

CVE IDCVE-2002-2389
SeverityMEDIUM
CVSS score5.0
CVSS vectorAV:N/AC:L/Au:N/C:P/I:N/A:N
CWECWE-255
StatusModified
Published2002-12-31
Last modified2026-04-16
DescriptionTheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files.
SourceNIST National Vulnerability Database

🔍 Search all vulnerabilities →