Lucene search

[email protected]CVE-2006-7126

HistoryMar 06, 2007 - 1:19 a.m.

CVE-2006-7126

2007-03-0601:19:00

[email protected]

web.nvd.nist.gov

cve-2006-7126

sql injection

joomla

bsq sitestats

remote code execution

nvd

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

81.0%

JSON

SQL injection vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the query string, possibly PHP_SELF.

Affected configurations

NVD

Node

joomlabsq_sitestatsMatch1.8.0

joomlabsq_sitestatsMatch2.1.1

CPENameOperatorVersion
joomla:bsq_sitestatsjoomla bsq sitestatseq1.8.0
joomla:bsq_sitestatsjoomla bsq sitestatseq2.1.1

CPE	Name	Operator	Version
joomla:bsq_sitestats	joomla bsq sitestats	eq	1.8.0
joomla:bsq_sitestats	joomla bsq sitestats	eq	2.1.1

References

developer.joomla.org/sf/sfmain/do/viewProject/projects.bsq_sitestats

secunia.com/secunia_research/2006-65/advisory/

www.securityfocus.com/archive/1/449125/100/0/threaded

www.securityfocus.com/bid/20614

www.vupen.com/english/advisories/2006/4090

exchange.xforce.ibmcloud.com/vulnerabilities/29662

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

8.8 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

81.0%

JSON

Related for CVE-2006-7126

nvd1 cvelist1