CVE-2006-4995

2022-10-0316:21:30

mitre

www.cve.org

cve-2006-4995

php

remote file inclusion

bsq sitestats

joomla

arbitrary code execution

mosconfig_absolute_path parameter

7.6 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.7%

JSON

PHP remote file inclusion vulnerability in BSQ Sitestats (bsq_sitestats) before 2.1.1 for Joomla! allows remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter.

References

developer.joomla.org/sf/sfmain/do/viewProject/projects.bsq_sitestats

forum.joomla.org/index.php/topic%2C79477.0.html