guestbook.pl

Summary
The 'guestbook.pl' is installed. This CGI has a well known security flaw that lets anyone execute arbitrary commands with the privileges of the http daemon (root or nobody).
Solution
remove it from /cgi-bin.