49 matches found

Cvelist
added 2007/09/27 7:0 p.m. · 15 views

CVE-2007-5129

SimpGB 1.46.02 stores sensitive information under the web root with insufficient access control, which allows remote attackers to (1) obtain sensitive configuration information via a direct request for admin/cfginfo.php; and (2) download arbitrary .inc files via a direct request, as demonstrated by...

6.5 AI score · 0.01814 EPSS
Exploits 0 · References 10

Cvelist
added 2007/09/27 7:0 p.m. · 18 views

CVE-2007-5130

SimpGB 1.46.02 allows remote attackers to obtain sensitive information via (1) an invalid lang parameter to admin/index.php or (2) a direct request to admin/trailer.php, which reveals the path in various error messages...

6.2 AI score · 0.011 EPSS
Exploits 0 · References 5

CVE
added 2007/09/27 7:0 p.m. · 37 views

CVE-2007-5129

SimpGB 1.46.02 is affected by improper access control where sensitive information is stored under the web root. An attacker can directly request admin/cfginfo.php to obtain configuration details and can download arbitrary .inc files (e.g., admin/includes/dbtables.inc). The root cause is insuffici...

5 CVSS · 6.5 AI score · 0.01814 EPSS
Exploits 0 · References 10 · Affected Software 1

CVE
added 2007/09/27 7:0 p.m. · 45 views

CVE-2007-5130

SimpGB 1.46.02 is affected by an information-disclosure vulnerability. An invalid lang parameter to admin/index.php or a direct request to admin/trailer.php can cause error messages to reveal the installation path, exposing sensitive information. The CVE entry documents this behavior and the affe...

4.3 CVSS · 6.2 AI score · 0.011 EPSS
Exploits 0 · References 5 · Affected Software 1

CVE
added 2007/09/27 7:0 p.m. · 42 views

CVE-2007-5127

CVE-2007-5127 describes multiple XSS vulnerabilities in SimpGB 1.46.02. The issues allow remote attackers to inject arbitrary JavaScript/HTML via two parameters: (1) l_username in the default admin/ URI and (2) l_emoticonlist in admin/emoticonlist.php. The root cause is unsanitized/unvalidated i...

4.3 CVSS · 5.8 AI score · 0.01925 EPSS
Exploits 1 · References 7 · Affected Software 1

Packet Storm
added 2007/09/26 12:0 a.m. · 33 views

simpgb14602-infodis.txt

netVigilance Security Advisory 66 SimpGB version 1.46.02 Information Disclosure Vulnerability Description: SimpGB is a guestbook with data stored in MySQL, administration interface and support for multiple languages. Features: Data stored in MySQL, Administration interface, Support for multiple...

7.4 AI score
Exploits 0

Packet Storm
added 2007/09/26 12:0 a.m. · 45 views

simpgb14602-disclose.txt

netVigilance Security Advisory 65 SimpGB version 1.46.02 File Content Disclosure Vulnerability Description: SimpGB is a guestbook with data stored in MySQL, administration interface and support for multiple languages. Features: Data stored in MySQL, Administration interface, Support for multiple...

7.4 AI score
Exploits 0

securityvulns
added 2007/09/26 12:0 a.m. · 44 views

SimpGB version 1.46.02 Information Disclosure Vulnerability

netVigilance Security Advisory 66 SimpGB version 1.46.02 Information Disclosure Vulnerability Description: SimpGB is a guestbook with data stored in MySQL, administration interface and support for multiple languages. Features: Data stored in MySQL, Administration interface, Support for multiple...

6.8 AI score
Exploits 0

securityvulns
added 2007/09/26 12:0 a.m. · 46 views

SimpGB version 1.46.02 File Content Disclosure Vulnerability

netVigilance Security Advisory 65 SimpGB version 1.46.02 File Content Disclosure Vulnerability Description: SimpGB is a guestbook with data stored in MySQL, administration interface and support for multiple languages. Features: Data stored in MySQL, Administration interface, Support for multiple...

7 AI score
Exploits 0

securityvulns
added 2007/09/26 12:0 a.m. · 87 views

SimpGB version 1.46.02 Multiple Path Disclosure Vulnerabilities

netVigilance Security Advisory 64 SimpGB version 1.46.02 Multiple Path Disclosure Vulnerabilities Description: SimpGB is a guestbook with data stored in MySQL, administration interface and support for multiple languages. Features: Data stored in MySQL, Administration interface, Support for multip...

7 AI score
Exploits 0

exploitpack
added 2007/09/25 12:0 a.m. · 11 views

SimpGB 1.46.2 - admin?l_username Cross-Site Scripting

SimpGB 1.46.2 - admin?l_username Cross-Site Scripting source: https://www.securityfocus.com/bid/25808/info SimpGB is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute...

6.8 AI score
Exploits 0

exploitpack
added 2007/09/25 12:0 a.m. · 13 views

SimpGB 1.46.2 - adminemoticonlist.php?l_emoticonlist Cross-Site Scripting

SimpGB 1.46.2 - adminemoticonlist.php?l_emoticonlist Cross-Site Scripting source: https://www.securityfocus.com/bid/25808/info SimpGB is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these...

6.8 AI score
Exploits 0

Exploit DB
added 2007/09/25 12:0 a.m. · 19 views

SimpGB 1.46.2 - '/admin/?l_username' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25808/info SimpGB is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...

7.4 AI score
Exploits 0

Exploit DB
added 2007/09/25 12:0 a.m. · 17 views

SimpGB 1.46.2 - '/admin/emoticonlist.php?l_emoticonlist' Cross-Site Scripting

source: https://www.securityfocus.com/bid/25808/info SimpGB is prone to multiple cross-site scripting vulnerabilities because the application fails to sufficiently sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspectin...

7.4 AI score
Exploits 0

Prion
added 2007/05/24 7:30 p.m. · 15 views

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 allow remote attackers to execute arbitrary PHP code via a URL in the path_simpgb parameter to (1) guestbook.php, (2) search.php, (3) mailer.php, (4) avatars.php, (5) ccode.php, (6) comments.php, (7) emoticons.php, (8) gbdownload.php, and possibl...

7.5 CVSS · 8 AI score · 0.02434 EPSS
Exploits 0 · References 13 · Affected Software 1

NVD
added 2007/05/24 7:30 p.m. · 19 views

CVE-2007-2859

Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 allow remote attackers to execute arbitrary PHP code via a URL in the path_simpgb parameter to (1) guestbook.php, (2) search.php, (3) mailer.php, (4) avatars.php, (5) ccode.php, (6) comments.php, (7) emoticons.php, (8) gbdownload.php, and possibl...

7.5 CVSS · 7.7 AI score · 0.02434 EPSS
Exploits 0 · References 13

CVE
added 2007/05/24 7:0 p.m. · 39 views

CVE-2007-2859

SimpGB 1.46.0 is affected by CVE-2007-2859. The vulnerability allows remote attackers to execute arbitrary PHP code via a URL in the path_simpgb parameter across multiple PHP scripts (guestbook.php, search.php, mailer.php, avatars.php, ccode.php, comments.php, emoticons.php, gbdownload.php). Root...

7.5 CVSS · 7.7 AI score · 0.02434 EPSS
Exploits 0 · References 13 · Affected Software 1

Cvelist
added 2007/05/24 7:0 p.m. · 22 views

CVE-2007-2859

Multiple PHP remote file inclusion vulnerabilities in SimpGB 1.46.0 allow remote attackers to execute arbitrary PHP code via a URL in the path_simpgb parameter to (1) guestbook.php, (2) search.php, (3) mailer.php, (4) avatars.php, (5) ccode.php, (6) comments.php, (7) emoticons.php, (8) gbdownload.php, and possibl...

7.7 AI score · 0.02434 EPSS
Exploits 0 · References 13

Positive Technologies
added 2007/05/24 12:0 a.m. · 4 views

PT-2007-4163 · Simpgb · Simpgb

Name of the Vulnerable Software and Affected Versions: SimpGB version 1.46.0 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the path_simpgb parameter to various PHP scripts, including "guestbook.php", "search.php", "mailer.php", "avatars.php", "ccode.php...

7.5 CVSS · 7.6 AI score · 0.02434 EPSS
Exploits 0 · References 14

Packet Storm
added 2007/05/23 12:0 a.m. · 20 views

simpgb-rfi.txt

Xmor$ Security Vulnerability Resear...

7.4 AI score
Exploits 0