CVE-2007-5130

Published: Sep 27, 2007Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:P/I:N/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

SimpGB 1.46.02 allows remote attackers to obtain sensitive information via (1) an invalid lang parameter to admin/index.php or (2) a direct request to admin/trailer.php, which reveals the path in various error messages.

Affected (1)

Products: Boesch It: Simpgb

Boesch It

1 product

Simpgb

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Boesch It Simpgb	Version 1.46.02

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

References (10)

http://forum.boesch-it.de/viewtopic.php?t=2790

Source: cve@mitre.org

Patch

http://securityreason.com/securityalert/3172

Source: cve@mitre.org

http://www.netvigilance.com/advisory0064

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/480593/100/0/threaded

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/36775

Source: cve@mitre.org

http://forum.boesch-it.de/viewtopic.php?t=2790