SECURITYVULNS:DOC:16034
Feb 12, 2007 - 12:00 a.m.

KvGuestbook Remote Add Admin Exploit

Version : 1.0 Beta

Download : http://www.killervault.com

Files : guestbook.php

Error :

    function dologin() {
        global $mysql, $gbpass, $gburl;
        $time = time() + 86400*365;
        if($gbpass == $mysql['pass']) {
            setcookie('kvgbcookie', $mysql['pass'], $time, '/');
        }
        header("Location: $gburl");
    }

$mysql, $gbpass, $gburl

Mysql & Admin Pass & Admin Name
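
The quoted dologin() compares and redirects using global variables and stores the MySQL password itself in a year-long cookie. A hardened counterpart follows as an added example; it is not KvGuestbook code. The function names, the `gbpass` form field, the settings array and the sample passphrase are assumptions.

```php
<?php
declare(strict_types=1);

// Hypothetical settings loader. In a deployment this would read a file outside
// the web root; nothing in it is ever populated from request variables.
function gb_settings(): array
{
    return [
        // Constructed sample passphrase, hashed here only so the example runs.
        // The admin credential is separate from the database password.
        'admin_hash' => password_hash('constructed-sample-passphrase', PASSWORD_DEFAULT),
        // Fixed, site-relative redirect target instead of a global $gburl.
        'redirect'   => '/guestbook.php',
    ];
}

function dologin_hardened(array $settings, array $post): void
{
    // Session cookie carries a random id, never a credential.
    session_start([
        'cookie_httponly' => true,
        'cookie_samesite' => 'Strict',
        'cookie_secure'   => !empty($_SERVER['HTTPS']),
    ]);

    // Read the submitted value explicitly from the POST body, not from a global.
    // 'gbpass' is an assumed form field name.
    $submitted = $post['gbpass'] ?? '';

    // password_verify() checks against the stored hash; the loose == comparison
    // on plaintext values from the original is gone.
    if (is_string($submitted) && password_verify($submitted, $settings['admin_hash'])) {
        session_regenerate_id(true);   // fresh session id after login
        $_SESSION['gb_admin'] = true;  // admin state lives server-side
    }

    header('Location: ' . $settings['redirect']);
}

// Only handle real POST requests; other entry points do nothing.
if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    dologin_hardened(gb_settings(), $_POST);
}
```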