Unrated severityNVD Advisory· Published Mar 6, 2007· Updated Apr 23, 2026

CVE-2006-7123

Description

Multiple SQL injection vulnerabilities in BSQ Sitestats (component for Joomla) 1.8.0, and possibly other versions before 2.2.1, allow remote attackers to execute arbitrary SQL commands via (1) unspecified parameters when importing the (a) ip-to-country.csv file; and the (2) HTTP Referer, (3) HTTP User Agent, and (4) HTTP Accept Language headers to (b) bsqtemplateinc.php.

Affected products

Joomla/Bsq Sitestats
cpe:2.3:a:joomla:bsq_sitestats:1.8.0:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

secunia.com/secunia_research/2006-63/advisory/nvd
securityreason.com/securityalert/2360nvd
www.securityfocus.com/archive/1/447356/100/0/threadednvd
www.securityfocus.com/bid/20267nvd
exchange.xforce.ibmcloud.com/vulnerabilities/29268nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000