Vulnerabilities > Astrodog Press
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-07-10 | CVE-2006-3485 | SQL Injection vulnerability in AstroDog Press Some Chess Board.PHP Multiple SQL injection vulnerabilities in AstroDog Press Some Chess 1.5-RC2 and earlier allow remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly including the gameID parameter in board.php. | 7.5 |
2006-06-28 | CVE-2006-3273 | HTML Injection vulnerability in Astrodog Press Some Chess 1.5Rc1 Cross-site scripting (XSS) vulnerability in menu.php in Some Chess 1.5 rc1 allows remote attackers to inject arbitrary web script or HTML via the user parameter ("New Name" field). | 2.6 |
2006-06-28 | CVE-2006-3272 | Cross-Site Request Forgery vulnerability in Astrodog Press Some Chess 1.5Rc2 Cross-site request forgery (CSRF) vulnerability in menu.php in Some Chess 1.5 rc2 allows remote attackers to conduct actions as another user, such as changing usernames and passwords, via unspecified vectors. | 5.0 |