VYPR
Unrated severityNVD Advisory· Published Dec 27, 2006· Updated Jun 16, 2026

CVE-2006-6769

CVE-2006-6769

Description

Multiple cross-site scripting (XSS) vulnerabilities in PHP Live! 3.2.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) search_string parameter in (a) setup/transcripts.php, the (2) l parameter in (b) index.php, the (3) login field in (c) phplive/index.php, and the (4) deptid and (5) x parameters in (d) phplive/message_box.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • PHP Live/PHP Live4 versions
    cpe:2.3:a:php_live:php_live:*:*:*:*:*:*:*:*+ 3 more
    • cpe:2.3:a:php_live:php_live:*:*:*:*:*:*:*:*range: <=3.2.2
    • cpe:2.3:a:php_live:php_live:2.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:php_live:php_live:3.0:*:*:*:*:*:*:*
    • (no CPE)range: <=3.2.2

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.