Hello 3APA3A!
I want to warn you about security vulnerabilities in SimpGB.
These are Full path disclosure, Insufficient Anti-automation and
Cross-Site Scripting vulnerabilities.
Full path disclosure:
http://site/admin/index.php?lang=1
http://site/admin/pwlost.php?lang=1
http://site/admin/usered.php?lang=1&mode=comment&input_entrynr=44&entrylang=en
Insufficient Anti-automation:
http://site/admin/usered.php?lang=en&mode=comment&input_entrynr=44&entrylang=en
Login and password are fixed and are set at the page.
XSS:
Vulnerable are SimpGB V1.37.3 and previous versions (and possibly next
versions).
I mentioned about these vulnerabilities at my site
(http://websecurity.com.ua/3460/).
Best wishes & regards,
MustLive
Administrator of Websecurity web site
http://websecurity.com.ua