MidnightBSD

Advisories for tritanium_scripts

CVE-2003-1162 MEDIUM

index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to read and reply to arbitrary messages by modifying the thread_id, forum_id, and sid parameters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tritanium_scripts tritanium_bulletin_board 0.993_beta
tritanium_scripts tritanium_bulletin_board 1.2.3
tritanium_scripts tritanium_bulletin_board 0.994_beta
tritanium_scripts tritanium_bulletin_board 1.2.1
tritanium_scripts tritanium_bulletin_board 0.999_beta
tritanium_scripts tritanium_bulletin_board 1.1_final
tritanium_scripts tritanium_bulletin_board 1.2
tritanium_scripts tritanium_bulletin_board 1.0_beta
tritanium_scripts tritanium_bulletin_board 1.2.2
CVE-2006-1768 MEDIUM

Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_name, (2) newuser_email, and (3) newuser_hp parameters in the faction=register mode in index.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tritanium_scripts tritanium_bulletin_board 1.2.3
CVE-2006-1815 LOW

Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_realname and (2) newuser_icq parameters, a different vector than CVE-2006-1768. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
tritanium_scripts tritanium_bulletin_board *