Vulnerabilities > CVE-2006-1768 - Cross-Site Scripting vulnerability in Tritanium Scripts Tritanium Bulletin Board 1.2.3
Attack vector
NETWORK Attack complexity
HIGH Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_name, (2) newuser_email, and (3) newuser_hp parameters in the faction=register mode in index.php. Succesful exploitation requires that "register_globals" is enabled.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | Tritanium Bulletin Board 1.2.3 Multiple Cross-Site Scripting Vulnerabilities. CVE-2006-1768. Webapps exploit for php platform |
id | EDB-ID:27626 |
last seen | 2016-02-03 |
modified | 2006-04-11 |
published | 2006-04-11 |
reporter | d4igoro |
source | https://www.exploit-db.com/download/27626/ |
title | Tritanium Bulletin Board 1.2.3 - Multiple Cross-Site Scripting Vulnerabilities |