EUVD-2006-3480

Malware in sbrugna...

CVE-2006-3485

CVE-2006-3485 affects AstroDog Press Some Chess 1.5-RC2 and earlier. The vulnerability is a SQL injection in unspecified vectors, with potential involvement of the gameID parameter in board.php, allowing remote attackers to execute arbitrary SQL commands. Documents do not specify concrete exploit...

CVE-2006-3273

Cross-site scripting XSS vulnerability in menu.php in Some Chess 1.5 rc1 allows remote attackers to inject arbitrary web script or HTML via the user parameter "New Name" field...

CVE-2006-3272

Cross-site request forgery CSRF vulnerability in menu.php in Some Chess 1.5 rc2 allows remote attackers to conduct actions as another user, such as changing usernames and passwords, via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained from third...

CVE-2006-3273

Cross-site scripting XSS vulnerability in menu.php in Some Chess 1.5 rc1 allows remote attackers to inject arbitrary web script or HTML via the user parameter "New Name" field...

CVE-2006-3273

The CVE-2006-3273 entry documents a Cross-site Scripting (XSS) vulnerability in menu.php of Some Chess 1.5 rc1, exploitable via the user parameter in the “New Name” field. The affected component is menu.php within Some Chess 1.5 rc1; the underlying cause is input that is not properly sanitized, e...

CVE-2006-3272

CVE-2006-3272 describes a Cross-site request forgery (CSRF) in Some Chess 1.5 rc2 affecting the menu.php component. The vulnerability allows an attacker to perform actions as another user (e.g., changing usernames and passwords) via unspecified vectors. The available documents confirm the affecte...