7 matches found
EUVD-2022-38976
Malicious code in bioql PyPI...
CVE-2022-36258
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameters such as "searchTxt"...
CVE-2022-36258
CVE-2022-36258 affects sazanrjb InventoryManagementSystem 1.0, with a SQL injection in CustomerDAO.java that allows attackers to execute arbitrary SQL via parameters such as searchTxt. The primary technical detail across sources is the vulnerable function CustomerDAO.java and the input parameter(...
PT-2022-23277 · Unknown · Sazanrjb Inventorymanagementsystem
Name of the Vulnerable Software and Affected Versions: sazanrjb InventoryManagementSystem version 1.0
Description: A SQL injection issue in CustomerDAO.java allows attackers to execute arbitrary SQL commands via parameters such as searchTxt. This enables unauthorized access and manipulation of...
CVE-2022-35606
The CVE-2022-35606 entry concerns a SQL injection in sazanrjb InventoryManagementSystem 1.0, specifically in CustomerDAO.java via the customerCode parameter. Multiple sources (NVD, Red Hat, CNA/CVELIST, CNNVD, PRION, PT-Security) confirm a vulnerability in the InventoryManagementSystem where an a...
CVE-2022-35603
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the searchTxt parameter...
CVE-2022-35603
CVE-2022-35603 affects sazanrjb InventoryManagementSystem 1.0. The vulnerability lies in CustomerDAO.java and is reached via the searchTxt parameter, enabling SQL injection and the execution of arbitrary SQL. Root cause: improper handling of user input leading to query manipulation. Impact: high (C/H/I/...