PHP Remote File Inclusion Vulnerability in BSQ Sitestats for Joomla
CVE-2006-7124

Currently unrated

Key Information:

Vendor: Joomla
Status: Bsq Sitestats
Vendor: CVE Published:; 6 March 2007

Summary

A PHP remote file inclusion vulnerability exists in the external/rssfeeds.php file of BSQ Sitestats (a Joomla component), specifically in version 1.8.0 and potentially earlier versions up to 2.2.1. This vulnerability allows remote attackers to execute arbitrary PHP code on the affected system via the baseDir parameter, posing a significant security risk to Joomla installations utilizing this component. Users of BSQ Sitestats should ensure their applications are updated to mitigate this risk.

References

http://www.osvdb.org/29287

vdb-entryx_refsource_OSVDB

http://www.securityfocus.com/bid/20267

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/29269

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Mar 6, 2007
Vulnerability Reserved
Mar 5, 2007