CVE-2006-7124

Name of the Vulnerable Software and Affected Versions BSQ Sitestats versions 1.8.0 through 2.2.0

Description The issue allows remote attackers to execute arbitrary PHP code via the baseDir parameter in the external/rssfeeds.php file. This can be exploited by sending a crafted request to the vulnerable endpoint.

Recommendations For versions 1.8.0 through 2.2.0, consider restricting access to the external/rssfeeds.php file until a patch is available. As a temporary workaround, avoid using the baseDir parameter in the affected file to minimize the risk of exploitation.