Vulnerabilities > CVE-2006-7122 - Cross-Site Scripting vulnerability in Joomla BSQ Sitestats 1.8.0

CVSS 6.8 - MEDIUM

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

PARTIAL

Availability impact

PARTIAL

network

joomla

NVD

Published: 2007-03-06

Updated: 2018-10-16

Summary

Cross-site scripting (XSS) vulnerability in the IP Address Lookup functionality in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to inject arbitrary web script and HTML via the ip parameter.

Vulnerable Configurations

Part	Description	Count
Application	Joomla Joomla BSQ Sitestats 1.8.0	1

References

http://secunia.com/secunia_research/2006-63/advisory/
http://securityreason.com/securityalert/2360
http://www.securityfocus.com/archive/1/447356/100/0/threaded
http://www.securityfocus.com/bid/20267
https://exchange.xforce.ibmcloud.com/vulnerabilities/29266