SQL injection vulnerability in LokwaBB 1.2.2 allows remote attackers to execute arbitrary SQL commands via the (1) member parameter to member.php or (2) loser parameter to misc.php.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Lokwabb | Lokwa | 1.2.1 (including) | 1.2.1 (including) |
References
- http://archives.neohapsis.com/archives/bugtraq/2002-06/0055.html
- http://www.ifrance.com/kitetoua/tuto/LokwaBB.txt
- http://www.iss.net/security_center/static/9318.php
- http://www.securityfocus.com/bid/4981
- http://archives.neohapsis.com/archives/bugtraq/2002-06/0055.html
- http://www.ifrance.com/kitetoua/tuto/LokwaBB.txt
- http://www.iss.net/security_center/static/9318.php
- http://www.securityfocus.com/bid/4981