Joomla: >> Bsq Sitestats >> 2.1.1 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled when the administrator views site statistics.
CVSS Score
6.8
EPSS Score
0.0
Published
2007-03-06
SQL injection vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the query string, possibly PHP_SELF.
CVSS Score
6.8
EPSS Score
0.0
Published
2007-03-06
PHP remote file inclusion vulnerability in BSQ Sitestats (bsq_sitestats) before 2.1.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.
CVSS Score
7.5
EPSS Score
0.004
Published
2006-09-26