PHP Remote File Inclusion Vulnerability in BSQ Sitestats for Joomla
CVE-2006-7124

Currently unrated

Key Information:

Vendor
Joomla
Vendor
CVE Published:
6 March 2007

Summary

A PHP remote file inclusion vulnerability exists in the external/rssfeeds.php file of BSQ Sitestats (a Joomla component), specifically in version 1.8.0 and potentially earlier versions up to 2.2.1. This vulnerability allows remote attackers to execute arbitrary PHP code on the affected system via the baseDir parameter, posing a significant security risk to Joomla installations utilizing this component. Users of BSQ Sitestats should ensure their applications are updated to mitigate this risk.

References

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.