LokwaBB 1.2.2 allows remote attackers to read arbitrary messages by modifying the pmid parameter to pm.php.
Max CVSS
5.0
EPSS Score
0.24%
Published
2002-12-31
Updated
2008-09-05
SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers to execute arbitrary SQL commands via the (1) member parameter to member.php or (2) loser parameter to misc.php.
Max CVSS
7.5
EPSS Score
0.15%
Published
2002-12-31
Updated
2008-09-05
2 vulnerabilities found