CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-43551

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.00355EPSS

Exploits1References2

CNVD•added 2023/08/17 12:0 a.m.•14 views

WebChess SQL Injection Vulnerability (CNVD-2023-64111)

WebChess is a web-based online chess game. A SQL injection vulnerability exists in webchess v1.0, which originates from the lack of validation of the $playerID parameter in mainmenu.php against external SQL input. This vulnerability can be exploited by attackers to execute illegal SQL commands to...

9.8CVSS8.3AI score0.00355EPSS

Exploits1References1

NVD•added 2023/08/15 10:15 p.m.•7 views

CVE-2023-39851

webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php. NOTE: this is disputed by a third party who indicates that the playerID is a session variable controlled by the server, and thus cannot be used for exploitation...

9.8CVSS9.8AI score0.00355EPSS

Exploits1References2

Prion•added 2023/08/15 10:15 p.m.•12 views

Sql injection

DISPUTED webchess v1.0 was discovered to contain a SQL injection vulnerability via the $playerID parameter at mainmenu.php. NOTE: this is disputed by a third party who indicates that the playerID is a session variable controlled by the server, and thus cannot be used for exploitation...

7.5CVSS9.8AI score0.00355EPSS

Exploits1References2Affected Software1

CVE•added 2023/08/15 12:0 a.m.•125 views

CVE-2023-39851

WebChess v1.0 contains a SQL injection vulnerability in mainmenu.php via the $playerID parameter. Root cause: lack of input validation/ sanitization allows external SQL input to be executed, potentially leaking sensitive data. Some sources dispute exploitability, noting $playerID may be server-co...

9.8CVSS9.8AI score0.00355EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2023/08/15 12:0 a.m.•3 views

PT-2023-27135 · Webchess · Webchess

Name of the Vulnerable Software and Affected Versions: webchess version 1.0 Description: A SQL injection issue was discovered in webchess via the $playerID parameter at the "mainmenu.php" endpoint. However, it is disputed by a third party who claims that the $playerID is a session variable...

9.8CVSS9.8AI score0.00355EPSS

Exploits1References11

Cvelist•added 2023/08/15 12:0 a.m.•13 views

CVE-2023-39851

10AI score0.00355EPSS

Exploits1References2

Prion•added 2023/01/11 4:15 a.m.•9 views

Sql injection

WebChess through 0.9.0 and 1.0.0.rc2 allows SQL injection: mainmenu.php, chess.php, and opponentspassword.php txtFirstName, txtLastName...

6.5CVSS8.9AI score0.00335EPSS

Exploits1References2Affected Software1

CVE•added 2023/01/11 12:0 a.m.•107 views

CVE-2023-22959

CVE-2023-22959 refers to a SQL injection vulnerability in WebChess versions 0.9.0 and 1.0.0.rc2. The flaw originates from vulnerable handling in mainmenu.php, chess.php, and opponentspassword.php, specifically affecting the txtFirstName and txtLastName parameters. The documented impact is high (C...

8.8CVSS8.9AI score0.00335EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by