WebChess is a web-based online chess game. A SQL injection vulnerability exists in webchess v1.0, which originates from the lack of validation of the $playerID parameter in mainmenu.php against external SQL input. This vulnerability can be exploited by attackers to execute illegal SQL commands to steal sensitive database data.