25 matches found
CVE-2019-20896
WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponent, messageID, or to parameter...
EUVD-2019-11431
Malware in sbrugna...
EUVD-2023-27060
Malicious code in bioql PyPI...
EUVD-2023-43551
Malicious code in bioql PyPI...
CVE-2023-22959
WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php txtFirstName, txtLastName...
WebChess SQL Injection Vulnerability (CNVD-2023-64111)
WebChess is a web-based online chess game. A SQL injection vulnerability exists in webchess v1.0, which originates from the lack of validation of the $playerID parameter in mainmenu.php against external SQL input. This vulnerability can be exploited by attackers to execute illegal SQL commands to...
CVE-2023-39851
webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php. NOTE: this is disputed by a third party who indicates that the playerID is a session variable controlled by the server, and thus cannot be used for exploitation...
CVE-2023-39851
webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php. NOTE: this is disputed by a third party who indicates that the playerID is a session variable controlled by the server, and thus cannot be used for exploitation...
Sql injection
DISPUTED webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php. NOTE: this is disputed by a third party who indicates that the playerID is a session variable controlled by the server, and thus cannot be used for exploitation...
PT-2023-27135 · Webchess · Webchess
Name of the Vulnerable Software and Affected Versions: webchess version 1.0 Description: A SQL injection issue was discovered in webchess via the $playerID parameter at the "mainmenu.php" endpoint. However, it is disputed by a third party who claims that the $playerID is a session variable...
CVE-2023-39851
WebChess v1.0 contains a SQL injection vulnerability in mainmenu.php via the $playerID parameter. Root cause: lack of input validation/ sanitization allows external SQL input to be executed, potentially leaking sensitive data. Some sources dispute exploitability, noting $playerID may be server-co...
WebChess SQL注入漏洞
WebChess is a web-based online chess game. A SQL injection vulnerability exists in webchess v1.0, which originates from the lack of validation of the $playerID parameter in mainmenu.php against external SQL input. This vulnerability can be exploited by attackers to execute illegal SQL commands to...
CVE-2023-39851
webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php. NOTE: this is disputed by a third party who indicates that the playerID is a session variable controlled by the server, and thus cannot be used for exploitation...
CVE-2023-39851
webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php. NOTE: this is disputed by a third party who indicates that the playerID is a session variable controlled by the server, and thus cannot be used for exploitation...
CVE-2023-22959
WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php txtFirstName, txtLastName...
Sql injection
WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php txtFirstName, txtLastName...
CVE-2023-22959
WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php txtFirstName, txtLastName...
CVE-2023-22959
WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php txtFirstName, txtLastName...
CVE-2023-22959
CVE-2023-22959 refers to a SQL injection vulnerability in WebChess versions 0.9.0 and 1.0.0.rc2. The flaw originates from vulnerable handling in mainmenu.php, chess.php, and opponentspassword.php, specifically affecting the txtFirstName and txtLastName parameters. The documented impact is high (C...
WebChess SQL Injection Vulnerability
WebChess is a web-based online chess game. A SQL injection vulnerability exists in WebChess version 1.0. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit this vulnerability to execute illegal SQL command...