Vulnerabilities > Webchess Project
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-08-15 | CVE-2023-39851 | SQL Injection vulnerability in Webchess Project Webchess 1.0 webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php. | 9.8 |
2023-01-11 | CVE-2023-22959 | SQL Injection vulnerability in Webchess Project Webchess 0.9.0/1.0.0 WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php (txtFirstName, txtLastName). | 8.8 |
2020-07-07 | CVE-2019-20896 | SQL Injection vulnerability in Webchess Project Webchess 1.0 WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponent, messageID, or to parameter. | 9.8 |