VYPR

Simpgb

by Boesch It

CVEs (2)

  • CVE-2007-5129Sep 27, 2007
    risk 0.00cvss epss 0.02

    SimpGB 1.46.02 stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain sensitive configuration information via a direct request for admin/cfginfo.php; and (2) download arbitrary .inc files via a direct…

  • CVE-2007-5130Sep 27, 2007
    risk 0.00cvss epss 0.01

    SimpGB 1.46.02 allows remote attackers to obtain sensitive information via (1) an invalid lang parameter to admin/index.php or (2) a direct request to admin/trailer.php, which reveals the path in various error messages.