VYPR
Unrated severityNVD Advisory· Published Mar 24, 2006· Updated Jun 16, 2026

CVE-2006-1373

CVE-2006-1373

Description

Cross-site scripting (XSS) vulnerability in status_image.php in PHP Live! 3.0 allows remote attackers to inject arbitrary web script or HTML via the base_url parameter.

Affected products

3
  • PHP Live/PHP Live3 versions
    cpe:2.3:a:php_live:php_live:*:*:*:*:*:*:*:*+ 2 more
    • cpe:2.3:a:php_live:php_live:*:*:*:*:*:*:*:*range: <=3.0
    • cpe:2.3:a:php_live:php_live:2.8.1:*:*:*:*:*:*:*
    • (no CPE)range: = 3.0

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.