SQL injection vulnerability in login.php in xGuestbook 2.0 allows remote malicious users to execute arbitrary SQL commands via the user parameter.
xatrix xguestbook 2.0