Yesterday a possible SQL vulnerability was found in the Guestbook module. Everybody using an older version is HIGHLY RECOMMENDED to upgrade!
You can find all information about the Extension at the Guestbooks detail page: http://wiki.bigace.de/bigace:extensions:modul:guestbook
Download
Version 1.4 - here at Sourceforge: http://downloads.sourceforge.net/bigace/guestbook_1.4.zip
Details
If more than one page of Guestbook entrys was displayed, the "start" parameter wasn't properly handled.
There is no report of a working SQL injection Exploit; but anyway ...
Please update all your Communities to use the latest version: 1.4!