Description
SQL injection vulnerability in Joomla BSQ Sitestats 1.8.0 and 2.2.1 allows remote attackers to execute arbitrary SQL commands via the query string, possibly PHP_SELF.
Affected products
- Joomla! / bsq_sitestats1.8.0 – 1.8.0
- Joomla! / bsq_sitestats2.1.1 – 2.1.1
References
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2006/4090
- MISChttp://www.securityfocus.com/bid/20614
- MISChttp://www.securityfocus.com/archive/1/449125/100/0/threaded
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/29662
- MISChttp://developer.joomla.org/sf/sfmain/do/viewProject/projects.bsq_sitestats
- MISChttp://secunia.com/secunia_research/2006-65/advisory/