Unrated severityNVD Advisory· Published Aug 11, 2009· Updated Apr 23, 2026

CVE-2008-6934

Description

Static code injection vulnerability in Sanus|artificium (aka Sanusart) Free simple guestbook PHP script, when downloaded before 20081111, allows remote attackers to inject arbitrary PHP code into messages.txt via the message parameter to act.php, which is executed when guestbook/guestbook.php is accessed. NOTE: some of these details are obtained from third party information.

Affected products

Sansuart/Free Simple Guestbook PHP Script
cpe:2.3:a:sansuart:free_simple_guestbook_php_script:*:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/32240nvdExploit
secunia.com/advisories/32643nvdVendor Advisory
www.vupen.com/english/advisories/2008/3095nvdVendor Advisory
osvdb.org/49703nvd
www.sanusart.com/news.phpnvd
exchange.xforce.ibmcloud.com/vulnerabilities/46526nvd
www.exploit-db.com/exploits/7079nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.005
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000