CVE-2022-35599

CVE-2022-35599 affects the sazanrjb InventoryManagementSystem 1.0, specifically the Stocks.java component. The vulnerability arises from an SQL injection via the productcode parameter, allowing attackers to execute arbitrary SQL commands. The issue is rated high severity (CVSS 3.1: 9.8, CRITICAL)...

CVE-2022-35598

CVE-2022-35598 affects InventoryManagementSystem 1.0 (sazanrjb). The vulnerability is a SQL injection in ConnectionFactoryDAO.java that allows an attacker to execute arbitrary SQL commands through the username parameter. This is supported by multiple sources (NVD entry for CVE-2022-35598 with CVS...

PT-2022-22921 · Unknown · Sazanrjb Inventorymanagementsystem

Name of the Vulnerable Software and Affected Versions: sazanrjb InventoryManagementSystem version 1.0 Description: A SQL injection issue in UserDAO.java allows attackers to execute arbitrary SQL commands via parameters such as users and pass. Recommendations: For sazanrjb InventoryManagementSyste...

InventoryManagementSystem SQL注入漏洞

InventoryManagementSystem is an inventory management system by Sajan Rajbhandari, an individual developer. It provides an easy way to track products, suppliers, customers, and purchasing and sales information. A SQL injection vulnerability exists in InventoryManagementSystem version 1.0, which...

CVE-2022-35604

CVE-2022-35604 is a duplicate of CVE-2022-35601. Connected documents provide concrete details for 35601: a SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 that allows attackers to execute arbitrary SQL commands via the parameter searchTxt. Affected softwa...