SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers to execute arbitrary SQL commands via the (1) member parameter to member.php or (2) loser parameter to misc.php.
8.8AI Score
0.002EPSS
LokwaBB 1.2.2 allows remote attackers to read arbitrary messages by modifying the pmid parameter to pm.php.
7.1AI Score
0.005EPSS