CVE-2006-2573

Name of the Vulnerable Software and Affected Versions DGBook version 1.0

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is possible via the name, email, homepage, address, comment, and ip parameters in index.php when magic quotes gpc is disabled.

Recommendations For DGBook version 1.0, consider disabling the use of the vulnerable parameters (name, email, homepage, address, comment, and ip) in index.php until a patch is available. Additionally, enabling magic quotes gpc can help mitigate this issue.