CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2006-7123

Multiple SQL injection vulnerabilities in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allow remote attackers to execute arbitrary SQL commands via (1) unspecified parameters when importing the (a) ip-to-country.csv file; and the (2) HTTP Referer, (3) HTTP User Agent, and (4) HTTP Accept Language headers to (b) bsqtemplateinc.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 2.1%

CVSS Severity

CVSS v2 Score 7.5

References

http://secunia.com/secunia_research/2006-63/advisory/
http://securityreason.com/securityalert/2360
http://www.securityfocus.com/archive/1/447356/100/0/threaded
http://www.securityfocus.com/bid/20267
https://exchange.xforce.ibmcloud.com/vulnerabilities/29268
http://secunia.com/secunia_research/2006-63/advisory/
http://securityreason.com/securityalert/2360
http://www.securityfocus.com/archive/1/447356/100/0/threaded
http://www.securityfocus.com/bid/20267
https://exchange.xforce.ibmcloud.com/vulnerabilities/29268

Products affected by CVE-2006-7123

Joomla » Bsq Sitestats » Version: 1.8.0

cpe:2.3:a:joomla:bsq_sitestats:1.8.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2006-7123

Products

Pricing

Contact Us