217 Total Results
Displaying 101-110 of 217
Attacker Value
Unknown
CVE-2007-0354
Disclosure Date: January 19, 2007 (last updated October 04, 2023)
SQL injection vulnerability in email.php in MGB OpenSource Guestbook 0.5.4.5 and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter.
Attacker Value
Unknown
CVE-2006-6487
Disclosure Date: January 16, 2007 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in index.php in DT Guestbook (dt_guestbook) 1.0f, when register_globals is enabled, allows remote attackers to inject arbitrary web script or HTML via the error[] parameter.
Attacker Value
Unknown
CVE-2007-0205
Disclosure Date: January 11, 2007 (last updated October 04, 2023)
Directory traversal vulnerability in admin/skins.php for @lex Guestbook 4.0.2 and earlier allows remote attackers to create files in arbitrary directories via ".." sequences in the (1) aj_skin and (2) skin_edit parameters. NOTE: this can be leveraged for file inclusion by creating a skin file in the lang directory, then referencing that file via the lang parameter to index.php, which passes a sanity check in livre_include.php.
Attacker Value
Unknown
CVE-2007-0202
Disclosure Date: January 11, 2007 (last updated October 04, 2023)
SQL injection vulnerability in index.php in @lex Guestbook 4.0.2 and earlier, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the lang parameter.
Attacker Value
Unknown
CVE-2007-0094
Disclosure Date: January 05, 2007 (last updated October 04, 2023)
Sven Moderow GuestBook 0.3a stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database containing passwords via a direct request for (1) gbook97.mdb or (2) gbook.mdb in ~db/.
Attacker Value
Unknown
CVE-2006-6278
Disclosure Date: December 04, 2006 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in index.php in @lex Guestbook 4.0.1 allows remote attackers to inject arbitrary web script or HTML via the skin parameter.
Attacker Value
Unknown
CVE-2006-6279
Disclosure Date: December 04, 2006 (last updated October 04, 2023)
index.php in @lex Guestbook 4.0.1 allows remote attackers to obtain sensitive information via a skin parameter referencing a nonexistent skin, which reveals the installation path in an error message.
Attacker Value
Unknown
CVE-2006-5804
Disclosure Date: November 08, 2006 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in admin.php in Advanced Guestbook 2.3.1 allows remote attackers to execute arbitrary PHP code via a URL in the include_path parameter.
Attacker Value
Unknown
CVE-2006-5651
Disclosure Date: November 07, 2006 (last updated October 04, 2023)
list.php in DigiOz Guestbook before 1.7.1 allows remote attackers to obtain sensitive information via a non-numeric page parameter, which displays the installation path in the resulting error message.
Attacker Value
Unknown
CVE-2006-5531
Disclosure Date: October 26, 2006 (last updated October 04, 2023)
PHP remote file inclusion vulnerability in embedded.php in Ascended Guestbook 1.0.0 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the CONFIG[path] parameter.