WebChess · CVE-2023-22959
**Name of the Vulnerable Software and Affected Versions**
WebChess versions 0.9.0 and 1.0.0.rc2
**Description**
WebChess is vulnerable to SQL injection in files such as mainmenu.php, chess.php, and opponentspassword.php. Specifically, the `txtFirstName` and `txtLastName` variables are vulnerable.
**Recommendations**
For versions 0.9.0 and 1.0.0.rc2, consider restricting access to the mainmenu.php, chess.php, and opponentspassword.php files until a patch is available. As a temporary workaround, avoid using the `txtFirstName` and `txtLastName` variables in these files to minimize the risk of exploitation.
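The sketch below is an added example, not code from WebChess or its maintainers. It shows request values like `txtFirstName` and `txtLastName` concatenated into a query beside the same update done with validation and bound parameters. The `players` table, its columns, the function names and the allowlist rule are hypothetical, and it uses PDO with in-memory SQLite (the `pdo_sqlite` extension) so it runs on its own.

```php
<?php
declare(strict_types=1);

// Hypothetical schema for illustration; not taken from the WebChess source.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE players (playerID INTEGER PRIMARY KEY, firstName TEXT, lastName TEXT)');
$pdo->exec("INSERT INTO players VALUES (1, 'Ann', 'Lee')");

/** Allowlist for a name field: 1-64 bytes, letters, spaces, dots, apostrophes, hyphens. */
function cleanName(string $raw): ?string
{
    $name = trim($raw);
    if ($name === '' || strlen($name) > 64) {
        return null;
    }
    return preg_match('/^\p{L}[\p{L} .\'\-]*$/u', $name) === 1 ? $name : null;
}

/** Unsafe pattern: request values become part of the SQL text. */
function updateNameConcatenated(PDO $pdo, int $id, string $first, string $last): void
{
    $pdo->exec("UPDATE players SET firstName = '$first', lastName = '$last' WHERE playerID = $id");
}

/** Hardened: values are validated, then bound as parameters. */
function updateNameBound(PDO $pdo, int $id, string $first, string $last): bool
{
    $f = cleanName($first);
    $l = cleanName($last);
    if ($f === null || $l === null) {
        return false;
    }
    $stmt = $pdo->prepare('UPDATE players SET firstName = :f, lastName = :l WHERE playerID = :id');
    return $stmt->execute([':f' => $f, ':l' => $l, ':id' => $id]);
}

// Constructed values standing in for the request's txtFirstName / txtLastName.
$in = ['txtFirstName' => 'Sean', 'txtLastName' => "O'Brien"];
try {
    updateNameConcatenated($pdo, 1, $in['txtFirstName'], $in['txtLastName']);
} catch (PDOException $e) {
    echo "concatenated: apostrophe was parsed as SQL syntax\n";
}
var_dump(updateNameBound($pdo, 1, $in['txtFirstName'], $in['txtLastName']));
echo $pdo->query('SELECT lastName FROM players WHERE playerID = 1')->fetchColumn(), "\n";
// Input outside the allowlist is refused before any query is prepared.
var_dump(updateNameBound($pdo, 1, 'Sean', "O'Brien;2"));
```

An ordinary surname containing an apostrophe is enough to break the concatenated statement, which is a quick way to spot this pattern when reviewing code that handles these fields.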