CVE-2007-0926 Information

Description

The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges probably via modified $mysql[‘pass’] and $gbpass variables.

Reference

http://osvdb.org/33710 http://securityreason.com/securityalert/2246 http://www.securityfocus.com/archive/1/459799/100/0/threaded