CVE-2006-7125

Published: Mar 6, 2007Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Cross-site scripting (XSS) vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the HTTP Referer header, which is not properly handled when the administrator views site statistics.

Affected (2)

Products: Joomla: Bsq Sitestats

Joomla

1 product

Bsq Sitestats

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Joomla Bsq Sitestats	Version 1.8.0
Joomla Bsq Sitestats	Version 2.1.1

References (10)

http://secunia.com/secunia_research/2006-65/advisory/

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/archive/1/449125/100/0/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/20614

Source: cve@mitre.org

Patch

http://www.vupen.com/english/advisories/2006/4090

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/29661

Source: cve@mitre.org

http://secunia.com/secunia_research/2006-65/advisory/