There is an SQL Injection in Advanced Guestbook 2.3.1

For Example:

http://www.(yourdomain).com/(yourguestbookdirectory)/index.php?entry='

or

http://www.(yourdomain).com/(yourguestbookdirectory)/index.php?entry=%27

Yours,
SpyHat