Vulnerabilities (CVE)

Filtered by vendor Boesch-it Subscribe
Filtered by product Simpgb
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-5130 1 Boesch-it 1 Simpgb 2024-11-21 4.3 MEDIUM N/A
SimpGB 1.46.02 allows remote attackers to obtain sensitive information via (1) an invalid lang parameter to admin/index.php or (2) a direct request to admin/trailer.php, which reveals the path in various error messages.
CVE-2007-5129 1 Boesch-it 1 Simpgb 2024-11-21 5.0 MEDIUM N/A
SimpGB 1.46.02 stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain sensitive configuration information via a direct request for admin/cfginfo.php; and (2) download arbitrary .inc files via a direct request, as demonstrated by admin/includes/dbtables.inc.