Advanced Guestbook v2.2 has an SQL injection problem which allows unauthorized access. Attacker From there, hit “Admin” then do the following: Leave username field blank. For password, enter this exactly: ‘) OR (’a’ = ‘a You are now in the Guestbook’s Admin section. http://www.securityfocus.com/bid/10209