{ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2007-3060", "STATE" : "PUBLIC" }, "affects" : { "vendor" : { "vendor_data" : [ { "product" : { "product_data" : [ { "product_name" : "n/a", "version" : { "version_data" : [ { "version_value" : "n/a" } ] } } ] }, "vendor_name" : "n/a" } ] } }, "data_format" : "MITRE", "data_type" : "CVE", "data_version" : "4.0", "description" : { "description_data" : [ { "lang" : "eng", "value" : "Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 allow remote attackers to inject arbitrary web script or HTML via the (1) sid parameter to (a) chat.php, (2) LANG[DEFAULT_BRANDING] and (3) PHPLIVE_VERSION parameters to (b) help.php, the (4) admin[name] parameter to (c) admin/header.php, and the (5) BASE_URL parameter to (d) super/info.php, and in some cases, the LANG[DEFAULT_BRANDING], PHPLIVE_VERSION, and (6) nav_line parameters to setup/footer.php, different vectors than CVE-2006-6769." } ] }, "problemtype" : { "problemtype_data" : [ { "description" : [ { "lang" : "eng", "value" : "n/a" } ] } ] }, "references" : { "reference_data" : [ { "name" : "20070601 bugtraq submission", "refsource" : "BUGTRAQ", "url" : "http://www.securityfocus.com/archive/1/470275" }, { "name" : "20070604 RE: bugtraq submission", "refsource" : "BUGTRAQ", "url" : "http://www.securityfocus.com/archive/1/470508/100/0/threaded" }, { "name" : "20070601 PHPLive ALL VERSION: RFI + XSS", "refsource" : "FULLDISC", "url" : "http://marc.info/?l=full-disclosure&m=118072121020357&w=2" }, { "name" : "24276", "refsource" : "BID", "url" : "http://www.securityfocus.com/bid/24276" }, { "name" : "ADV-2007-2082", "refsource" : "VUPEN", "url" : "http://www.vupen.com/english/advisories/2007/2082" }, { "name" : "36986", "refsource" : "OSVDB", "url" : "http://osvdb.org/36986" }, { "name" : "36987", "refsource" : "OSVDB", "url" : "http://osvdb.org/36987" }, { "name" : "36988", "refsource" : "OSVDB", "url" : "http://osvdb.org/36988" }, { "name" : "36989", "refsource" : "OSVDB", "url" : "http://osvdb.org/36989" }, { "name" : "36990", "refsource" : "OSVDB", "url" : "http://osvdb.org/36990" }, { "name" : "38379", "refsource" : "OSVDB", "url" : "http://osvdb.org/38379" }, { "name" : "38380", "refsource" : "OSVDB", "url" : "http://osvdb.org/38380" }, { "name" : "38381", "refsource" : "OSVDB", "url" : "http://osvdb.org/38381" }, { "name" : "38382", "refsource" : "OSVDB", "url" : "http://osvdb.org/38382" }, { "name" : "38383", "refsource" : "OSVDB", "url" : "http://osvdb.org/38383" }, { "name" : "25441", "refsource" : "SECUNIA", "url" : "http://secunia.com/advisories/25441" } ] } }