2 matches found
CVE-2022-35606
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameter 'customerCode.'...
CVE-2022-35606
The CVE-2022-35606 entry concerns a SQL injection in sazanrjb InventoryManagementSystem 1.0, specifically in CustomerDAO.java via the customerCode parameter. Multiple sources (NVD, Red Hat, CNA/CVELIST, CNNVD, PRION, PT-Security) confirm a vulnerability in the InventoryManagementSystem where an a...