Lucene search

K

MitreCVELIST:CVE-2022-35598

HistoryAug 18, 2022 - 1:17 a.m.

CVE-2022-35598

2022-08-1801:17:34

mitre

www.cve.org

3

sql injection

connectionfactorydao

arbitrary commands

EPSS

0.002

Percentile

55.3%

A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter username.

References

github.com/sazanrjb/InventoryManagementSystem

github.com/sazanrjb/InventoryManagementSystem/issues/14

EPSS

0.002

Percentile

55.3%

Related for CVELIST:CVE-2022-35598

prion1 nvd1 cve1