CVE-2007-0926
The dologin function in guestbook.php in KvGuestbook 1.0 Beta allows remote attackers to gain administrative privileges, probably via modified $mysql[‘pass’] and $gbpass variables.
Date published : 2007-02-14
http://www.securityfocus.com/archive/1/459799/100/0/threaded