Kv · Kvguestbook · CVE-2007-0926
Name of the Vulnerable Software and Affected Versions:
KvGuestbook version 1.0 Beta
Description:
The vulnerability allows remote attackers to gain administrative privileges, likely by modifying the `mysql['pass']` and `gbpass` variables used in the `dologin` function.
Recommendations:
For KvGuestbook version 1.0 Beta, consider restricting access to the `dologin` function in `guestbook.php` until a patch is available. As a temporary workaround, avoid using the `mysql['pass']` and `gbpass` variables in the affected function to minimize the risk of exploitation.