cpe:/a:w3bcms:gaestebuch_guestbook_module:3.0.0 CVE-2009-2337 2009-07-07T15:00:00.343-04:00 2017-09-18T21:29:03.607-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-07-07T15:52:00.000-04:00 BID 34477 SECUNIA 34650 OSVDB 53614 EXPLOIT-DB 8396 XF guestbookmodule-indexinc-sql-injection(49853) SQL injection vulnerability in includes/module/book/index.inc.php in w3b|cms Gaestebuch Guestbook Module 3.0.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the spam_id parameter.