use strict;
use warnings;

use XML::XPath;
use XML::XPath::XMLParser;

my $data_file = "./nvdcve-2.0-2008.xml";

my $cve_id = 'CVE-2008-3763';
my $query = "/nvd/entry[@id = $cve_id]";

my $xp = XML::XPath-> new(filename => "$data_file");

foreach my $cve_entry ($xp->findnodes($query)) {

		my $AV = $cve_entry->find('//entry/vuln:cvss/cvss:base_metrics/cvss:access-vector');
		my $AC = $cve_entry->find('//entry/vuln:cvss/cvss:base_metrics/cvss:access-vector');
		my $AV = $cve_entry->find('//entry/vuln:cvss/cvss:base_metrics/cvss:access-complexity');
		# etc...
}

##</code><code>##

<?xml version='1.0' encoding='UTF-8'?>
<nvd xmlns:cpe-lang="http://cpe.mitre.org/language/2.0" xmlns:vuln="http://scap.nist.gov/schema/vulnerability/0.4" xmlns:cvss="http://scap.nist.gov/schema/cvss-v2/0.2" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://scap.nist.gov/schema/feed/vulnerability/2.0" nvd_xml_version="2.0" pub_date="2009-01-28T03:10:00" xsi:schemaLocation="http://scap.nist.gov/schema/feed/vulnerability/2.0 http://nvd.nist.gov/schema/nvd-cve-feed_2.0.xsd">


<entry id="CVE-2008-3763">
	<vuln:cvss>
		<cvss:base_metrics>
			<cvss:score>6.8</cvss:score>
			<cvss:access-vector>NETWORK</cvss:access-vector>
			<cvss:access-complexity>MEDIUM</cvss:access-complexity>
			<cvss:authentication>NONE</cvss:authentication>
			<cvss:confidentiality-impact>PARTIAL</cvss:confidentiality-impact>
			<cvss:integrity-impact>PARTIAL</cvss:integrity-impact>
			<cvss:availability-impact>PARTIAL</cvss:availability-impact>
			<cvss:source>http://nvd.nist.gov</cvss:source>
			cvss:generated-on-datetime>2008-08-21T14:37:00.000-04:00</cvss:generated-on-datetime>
		</cvss:base_metrics>
	</vuln:cvss>
</entry>