Vulnerabilities > CVE-2006-3485 - SQL Injection vulnerability in AstroDog Press Some Chess Board.PHP

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
astrodog-press

Summary

Multiple SQL injection vulnerabilities in AstroDog Press Some Chess 1.5-RC2 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly including the gameID parameter in board.php.

Vulnerable Configurations

Part Description Count
Application
Astrodog_Press
2