Vulnerabilities > CVE-2006-7123 - Unspecified vulnerability in Joomla BSQ Sitestats 1.8.0

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

joomla

NVD

Published: 2007-03-06

Updated: 2024-11-21

Summary

Multiple SQL injection vulnerabilities in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allow remote attackers to execute arbitrary SQL commands via (1) unspecified parameters when importing the (a) ip-to-country.csv file; and the (2) HTTP Referer, (3) HTTP User Agent, and (4) HTTP Accept Language headers to (b) bsqtemplateinc.php.

Vulnerable Configurations

Part	Description	Count
Application	Joomla Joomla BSQ Sitestats 1.8.0	1

References

http://secunia.com/secunia_research/2006-63/advisory/
http://securityreason.com/securityalert/2360
http://www.securityfocus.com/archive/1/447356/100/0/threaded
http://www.securityfocus.com/bid/20267
https://exchange.xforce.ibmcloud.com/vulnerabilities/29268
http://secunia.com/secunia_research/2006-63/advisory/
https://exchange.xforce.ibmcloud.com/vulnerabilities/29268
http://www.securityfocus.com/bid/20267
http://www.securityfocus.com/archive/1/447356/100/0/threaded
http://securityreason.com/securityalert/2360