CVE-2003-1162 | Vulnerability Database | Aqua Security

index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to read and reply to arbitrary messages by modifying the thread_id, forum_id, and sid parameters.

Affected Software

Name	Vendor	Start Version	End Version
Tritanium_bulletin_board	Tritanium_scripts	0.993_beta (including)	0.993_beta (including)
Tritanium_bulletin_board	Tritanium_scripts	0.994_beta (including)	0.994_beta (including)
Tritanium_bulletin_board	Tritanium_scripts	0.999_beta (including)	0.999_beta (including)
Tritanium_bulletin_board	Tritanium_scripts	1.0_beta (including)	1.0_beta (including)
Tritanium_bulletin_board	Tritanium_scripts	1.1_final (including)	1.1_final (including)
Tritanium_bulletin_board	Tritanium_scripts	1.2 (including)	1.2 (including)
Tritanium_bulletin_board	Tritanium_scripts	1.2.1 (including)	1.2.1 (including)
Tritanium_bulletin_board	Tritanium_scripts	1.2.2 (including)	1.2.2 (including)
Tritanium_bulletin_board	Tritanium_scripts	1.2.3 (including)	1.2.3 (including)

References

http://archives.neohapsis.com/archives/bugtraq/2003-10/0348.html
http://secunia.com/advisories/10135
http://www.osvdb.org/2770
http://www.securityfocus.com/bid/8944
https://exchange.xforce.ibmcloud.com/vulnerabilities/13587

NVD	https://nvd.nist.gov/vuln/detail/CVE-2003-1162
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html