CVE-2006-7123

Name of the Vulnerable Software and Affected Versions BSQ Sitestats versions 1.8.0 through 2.2.1

Description The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via unspecified parameters when importing the ip-to-country.csv file, and through the HTTP Referer, HTTP User Agent, and HTTP Accept Language headers to bsqtemplateinc.php.

Recommendations For BSQ Sitestats versions 1.8.0 through 2.2.1, update to version 2.2.1 or later to resolve the issue.