Vulnerabilities > Joomla > BSQ Sitestats > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2007-03-06 | CVE-2006-7124 | Input Validation vulnerability in Joomla BSQ Sitestats 1.8.0 PHP remote file inclusion vulnerability in external/rssfeeds.php in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allows remote attackers to execute arbitrary PHP code via the baseDir parameter. | 7.5 |
| 2007-03-06 | CVE-2006-7123 | SQL-Injection vulnerability in Joomla BSQ Sitestats 1.8.0 Multiple SQL injection vulnerabilities in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allow remote attackers to execute arbitrary SQL commands via (1) unspecified parameters when importing the (a) ip-to-country.csv file; and the (2) HTTP Referer, (3) HTTP User Agent, and (4) HTTP Accept Language headers to (b) bsqtemplateinc.php. | 7.5 |