SQL Injection Vulnerabilities in BSQ Sitestats Component for Joomla
CVE-2006-7123

Currently unrated

Key Information:

Vendor

Joomla
Status
Bsq Sitestats
Vendor
CVE Published:
6 March 2007

What is CVE-2006-7123?

The BSQ Sitestats component for Joomla is susceptible to multiple SQL injection vulnerabilities. These flaws allow attackers to execute arbitrary SQL commands through unspecified parameters during the import of the 'ip-to-country.csv' file and via HTTP headers such as HTTP Referer, HTTP User Agent, and HTTP Accept Language sent to the 'bsqtemplateinc.php' file. Exploiting these vulnerabilities can lead to unauthorized access to sensitive database information and could facilitate further attacks on the Joomla installation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/20267
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/29268
vdb-entryx_refsource_XF
http://securityreason.com/securityalert/2360
third-party-advisoryx_refsource_SREASON

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.