2 matches found
CVE-2022-35598
A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter username...
CVE-2022-35598
CVE-2022-35598 affects InventoryManagementSystem 1.0 (sazanrjb). The vulnerability is a SQL injection in ConnectionFactoryDAO.java that allows an attacker to execute arbitrary SQL commands through the username parameter. This is supported by multiple sources (NVD entry for CVE-2022-35598 with CVS...