Vulnerabilities > Inventorymanagementsystem Project

DATE CVE VULNERABILITY TITLE RISK
2022-09-12 CVE-2022-36255 SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0
A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt".
network
low complexity
inventorymanagementsystem-project CWE-89
7.5
2022-09-12 CVE-2022-36256 SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0
A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "productcode".
network
low complexity
inventorymanagementsystem-project CWE-89
7.5
2022-09-12 CVE-2022-36257 SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0
A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "users", "pass", etc.
network
low complexity
inventorymanagementsystem-project CWE-89
7.5
2022-09-12 CVE-2022-36258 SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt".
network
low complexity
inventorymanagementsystem-project CWE-89
7.5
2022-09-12 CVE-2022-36259 SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0
A SQL injection vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "username", "password", etc.
network
low complexity
inventorymanagementsystem-project CWE-89
7.5
2022-08-18 CVE-2022-35598 SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0
A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter username.
network
low complexity
inventorymanagementsystem-project CWE-89
critical
9.8
2022-08-18 CVE-2022-35599 SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0
A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter productcode.
network
low complexity
inventorymanagementsystem-project CWE-89
critical
9.8
2022-08-18 CVE-2022-35601 SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0
A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt.
network
low complexity
inventorymanagementsystem-project CWE-89
critical
9.8
2022-08-18 CVE-2022-35602 SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0
A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter user.
network
low complexity
inventorymanagementsystem-project CWE-89
critical
9.8
2022-08-18 CVE-2022-35603 SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt.
network
low complexity
inventorymanagementsystem-project CWE-89
critical
9.8