Tritanium Scripts Tritanium Bulletin Board Unauthorized Access Vulnerability

Vulnerability ID: 1107558 Vulnerability type: Access validation error
Published: 2003-10-31 Updated: 2005-10-20
CVE ID: CVE-2003-1162
CNNVD-ID: CNNVD-200312-401
Platform: PHP CVSS score: 5.0
|Vulnerability source
https://www.exploit-db.com/exploits/23319
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200312-401
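|Vulnerability details
Tritanium Bulletin Board is a web-based forum application. It does not sufficiently filter user-submitted requests, and a remote attacker can exploit this to read post content they have no permission to access. By modifying the URL and supplying the thread_id, forum_id, and sid parameters, an attacker can reply to a thread and view its content; by changing thread_id, the attacker can access the content of all protected threads.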
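
One way to enforce the server-side check that the description above says is missing, as an added example (not Tritanium's code and not from the advisory). The data layout, group names, session ids and the function `authorize_thread_action` are hypothetical; the assumption is that the reply action must pass the same permission check as reading, with the forum derived from the stored thread rather than from the URL.

```php
<?php
declare(strict_types=1);

// Constructed sample data; hypothetical schema, not Tritanium's storage format.
const FORUMS = [
    1 => ['read' => ['guest', 'member', 'staff'], 'reply' => ['member', 'staff']],
    2 => ['read' => ['staff'], 'reply' => ['staff']], // protected forum
];
const THREADS  = [10 => ['forum_id' => 1], 20 => ['forum_id' => 2]];
const SESSIONS = ['sid-member' => 'member', 'sid-staff' => 'staff'];

/**
 * Decide whether a request may perform $action ('read' or 'reply') on a thread.
 * Returns an HTTP-style status: 200 allow, 400 malformed, 403 deny, 404 unknown thread.
 */
function authorize_thread_action(string $action, array $query): int
{
    // Ids must parse as integers; anything else is rejected before any lookup.
    $threadId = filter_var($query['thread_id'] ?? null, FILTER_VALIDATE_INT);
    $forumId  = filter_var($query['forum_id'] ?? null, FILTER_VALIDATE_INT);
    if ($threadId === false || $forumId === false
        || !in_array($action, ['read', 'reply'], true)) {
        return 400;
    }
    if (!array_key_exists($threadId, THREADS)) {
        return 404;
    }
    // The forum comes from the stored thread record; a mismatching URL value is refused.
    $realForum = THREADS[$threadId]['forum_id'];
    if ($forumId !== $realForum) {
        return 403;
    }
    // The sid must resolve to a server-side session; an unknown sid is treated as guest.
    $sid   = $query['sid'] ?? '';
    $group = (is_string($sid) && array_key_exists($sid, SESSIONS)) ? SESSIONS[$sid] : 'guest';
    // Same permission table for every action, so "reply" cannot be used to read.
    return in_array($group, FORUMS[$realForum][$action], true) ? 200 : 403;
}

// Constructed requests in the shape the advisory describes (thread_id, forum_id, sid).
$cases = [
    ['reply', ['thread_id' => '20', 'forum_id' => '2', 'sid' => 'sid-member']],
    ['reply', ['thread_id' => '20', 'forum_id' => '1', 'sid' => 'sid-member']],
    ['reply', ['thread_id' => '20', 'forum_id' => '2', 'sid' => 'sid-staff']],
    ['read',  ['thread_id' => '10', 'forum_id' => '1', 'sid' => 'unknown']],
];
foreach ($cases as [$action, $query]) {
    printf("%-5s %s => %d\n", $action, http_build_query($query),
        authorize_thread_action($action, $query));
}
```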
|Exploit
source: http://www.securityfocus.com/bid/8944/info

It has been reported that Tritanium Bulletin Board may be prone to an access validation error that may allow a remote attacker to gain unauthorized access to threads. A remote attacker may be able to access sensitive data by modifying the URL and supplying a value for thread_id, forum_id, and sid parameters.

Successful exploitation of this issue may allow an attacker to gain access to sensitive information that could be used to launch further attacks against a system.

Tritanium Bulletin Board version 1.2.3 has been reported to be prone to this issue, however other versions may be affected as well.

http://www.example.com/[path]/index.php?faction=reply&thread_id=[ID OF THE THREAD TO READ]&forum_id=[ID OF FORUM]&sid=[your sid]
|References

Source: XF
Name: tritanium-threadid-view-messages(13587)
Link: http://xforce.iss.net/xforce/xfdb/13587
Source: BID
Name: 8944
Link: http://www.securityfocus.com/bid/8944
Source: OSVDB
Name: 2770
Link: http://www.osvdb.org/2770
Source: SECUNIA
Name: 10135
Link: http://secunia.com/advisories/10135
Source: BUGTRAQ
Name: 20031031 Virginity Security Advisory 2003-002: Tritanium Bulletin Board - Read and write from/to internal (protected) Threads
Link: http://archives.neohapsis.com/archives/bugtraq/2003-10/0348.html
Source: NSFOCUS
Name: 5705
Link: http://www.nsfocus.net/vulndb/5705