3 matches found
CVE-2002-1886
TightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password...
CVE-2002-1886
TightAuction 3.0 stores config.inc under the web document root with insufficient access control, which allows remote attackers to obtain the database username and password...
CVE-2002-1886
TightAuction 3.0 is affected by an access-control misconfiguration where config.inc is stored under the web document root, allowing remote attackers to obtain the database username and password. The root cause is insufficient access control on the configuration file. Current documents do not spec...