BSQ Sitestats for Joomla bsqtemplateinc.php Multiple HTTP Header SQL Injection

2006-09-29T11:18:52
ID OSVDB:29286
Type osvdb
Reporter OSVDB
Modified 2006-09-29T11:18:52

Description

Technical Description

This vulnerability is only present when the magic_quotes_gpc PHP option is 'off'.

Solution Description

Upgrade to version 2.2.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://developer.joomla.org/sf/projects/bsq_sitestats Secunia Advisory ID:21859 Related OSVDB ID: 29287 Related OSVDB ID: 29284 Related OSVDB ID: 29285 Other Advisory URL: http://secunia.com/secunia_research/2006-63/ Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2006-09/0492.html ISS X-Force ID: 29268 CVE-2006-7123 Bugtraq ID: 20267