CVE-2007-5129

Name of the Vulnerable Software and Affected Versions SimpGB version 1.46.02

Description The issue allows remote attackers to obtain sensitive configuration information and download arbitrary files due to insufficient access control. This can be achieved by making a direct request for specific files, such as admin/cfginfo.php for configuration information, and other .inc files, for example, admin/includes/dbtables.inc.

Recommendations For SimpGB version 1.46.02, consider restricting direct access to sensitive files such as admin/cfginfo.php and .inc files under the admin/includes directory until a proper fix is available. As a temporary workaround, restrict access to the admin directory to minimize the risk of exploitation.