25 matches found
CVE-2019-20896
WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponent, messageID, or to parameter...
CVE-2019-20896
WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponent, messageID, or to parameter...
Sql injection
WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponent, messageID, or to parameter...
CVE-2019-20896
CVE-2019-20896 affects WebChess 1.0 and involves an SQL injection vulnerability exposed through the parameters: messageFrom, gameID, opponent, messageID, or to. The issue stems from insufficient input validation/parameter handling in WebChess 1.0, enabling an attacker to inject and execute arbitr...
CVE-2019-20896
WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponent, messageID, or to parameter...