Unrated severityNVD Advisory· Published Mar 6, 2007· Updated Jun 16, 2026
CVE-2006-7125
CVE-2006-7125
Description
Cross-site scripting (XSS) vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled when the administrator views site statistics.
Affected products
3cpe:2.3:a:joomla:bsq_sitestats:1.8.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:joomla:bsq_sitestats:1.8.0:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:bsq_sitestats:2.1.1:*:*:*:*:*:*:*
- (no CPE)range: <=2.2.1
Patches
Vulnerability mechanics
References
5News mentions
0No linked articles in our index yet.