CVE-2009-0810

Name of the Vulnerable Software and Affected Versions xGuestbook version 2.0

Description A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by manipulating the user parameter in the login.php file.

Recommendations For xGuestbook version 2.0, consider restricting access to the login.php file until a patch is available, and avoid using the user parameter in the affected API endpoint. At the moment, there is no information about a newer version that contains a fix for this vulnerability.