CVE-2006-1768

Tritanium Bulletin Board 1.2.3 - XSS

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-1768. PoCs published by d4igoro.

AI-analyzed exploit summary The provided text describes multiple XSS vulnerabilities in Tritanium Bulletin Board due to improper input sanitization. It includes example URLs demonstrating the vulnerability but lacks executable exploit code.

Description

Multiple cross-site scripting (XSS) vulnerabilities in register.php in Tritanium Bulletin Board (TBB) 1.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) newuser_name, (2) newuser_email, and (3) newuser_hp parameters in the faction=register mode in index.php.

Exploits (1)

exploitdb WRITEUP VERIFIED

by d4igoro · textwebappsphp

https://www.exploit-db.com/exploits/27626

View Code ZIP pw:eip

The provided text describes multiple XSS vulnerabilities in Tritanium Bulletin Board due to improper input sanitization. It includes example URLs demonstrating the vulnerability but lacks executable exploit code.

Classification

Writeup 90%

Attack Type

Xss

Complexity

Trivial

Reliability

Theoretical

Target: Tritanium Bulletin Board

No auth needed

Prerequisites: Access to the target application · User interaction to trigger the XSS

MITRE ATT&CK