2 matches found
CVE-2019-20896
WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponent, messageID, or to parameter...
CVE-2019-20896
CVE-2019-20896 affects WebChess 1.0 and involves an SQL injection vulnerability exposed through the parameters: messageFrom, gameID, opponent, messageID, or to. The issue stems from insufficient input validation/parameter handling in WebChess 1.0, enabling an attacker to inject and execute arbitr...