Intrusion Prevention

PHP.Advanced.Guestbook.admin.php.SQL.Injection

Description

It indicates a possible exploit of SQL injection vulnerability in admin.php in Advanced Guestbook 2.2 that may allow remote attackers to execute arbitrary SQL commands and gain privileges via the username field.

Affected Products

Advanced Guestbook Advanced Guestbook 2.2

Impact

Data compromise.

Recommended Actions

Advanced Guestbook Advanced Guestbook 2.3.1

CVE References

CVE-2004-1952 CVE-2005-3588