CVE-2009-4935
The CVE-2009-4935 entry concerns a SQL injection in Online Guestbook Pro, specifically ogp_show.php via the display parameter. The root cause is improper handling of user input in that parameter, enabling attackers to craft arbitrary SQL commands. Impact per CVSS indicates partial disclosure, mod...