WebChess 1.0 allows SQL injection via the messageFrom, gameID, opponent, messageID, or to parameter.Referenceshttps://sourceforge.net/p/webchess/bugs/81/
