2 matches found
CVE-2007-5130
SimpGB 1.46.02 is affected by an information-disclosure vulnerability. An invalid lang parameter to admin/index.php or a direct request to admin/trailer.php can cause error messages to reveal the installation path, exposing sensitive information. The CVE entry documents this behavior and the affe...
CVE-2007-5129
SimpGB 1.46.02 is affected by improper access control where sensitive information is stored under the web root. An attacker can directly request admin/cfginfo.php to obtain configuration details and can download arbitrary .inc files (e.g., admin/includes/dbtables.inc). The root cause is insuffici...