CVE-2004-2354

Name of the Vulnerable Software and Affected Versions: 4nGuestbook version 0.92 for PHP-Nuke versions 6.5 through 6.9

Description: The issue allows remote attackers to modify SQL statements via the entry parameter to "modules.php", which can also facilitate cross-site scripting (XSS) attacks when MySQL errors are triggered.

Recommendations: For 4nGuestbook version 0.92, consider restricting access to the "modules.php" endpoint until a patch is available. Avoid using the entry parameter in the affected API endpoint until the issue is resolved.