215 matches found
chess-calendar.eu Cross Site Scripting vulnerability OBB-3864214
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chess.myspecies.info Improper Access Control vulnerability OBB-3855217
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chess-store.it Improper Access Control vulnerability OBB-3838665
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
praguechess.cz Cross Site Scripting vulnerability OBB-3584461
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chess-mail.com Cross Site Scripting vulnerability OBB-3567021
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
praguechess.cz Cross Site Scripting vulnerability OBB-3413581
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chess-tigers.de Cross Site Scripting vulnerability OBB-3378869
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chessproblem.my-free-games.com Cross Site Scripting vulnerability OBB-3259655
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
blog.praguechess.cz Cross Site Scripting vulnerability OBB-3248994
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
blog.praguechess.cz Cross Site Scripting vulnerability OBB-3233306
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
SUSE CVE-2015-8972
Stack-based buffer overflow in the ValidateMove function in frontend/move.cc in GNU Chess aka gnuchess before 6.2.4 might allow context-dependent attackers to execute arbitrary code via a large input, as demonstrated when in UCI mode...
SUSE CVE-2019-15767
In GNU Chess 6.2.5, there is a stack-based buffer overflow in the cmdload function in frontend/cmd.cc via a crafted chess position in an EPD file...
SUSE CVE-2021-30184
GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN Portable Game Notation data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmdpgnload and cmdpgnreplay functions in frontend/cmd.cc...
CVE-2023-22959
WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php txtFirstName, txtLastName...
CVE-2023-22959
WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php txtFirstName, txtLastName...
CVE-2023-22959
WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php txtFirstName, txtLastName...
PT-2023-18800 · Webchess · Webchess
Name of the Vulnerable Software and Affected Versions: WebChess versions 0.9.0 and 1.0.0.rc2 Description: The issue allows SQL injection in WebChess, affecting files such as mainmenu.php, chess.php, and opponentspassword.php. Specifically, the txtFirstName and txtLastName variables are vulnerable...
WebChess SQL注入漏洞
WebChess is a web-based online chess game. A SQL injection vulnerability exists in WebChess version 0.9.0 and 1.0.0.rc2, which originates from allowing SQL injection via mainmenu.php, chess.php, and opponentspassword.php txtFirstName, txtLastName...
chess-endgame.com Cross Site Scripting vulnerability OBB-2967487
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chessvariants.org Cross Site Scripting vulnerability OBB-2884787
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...