Vulnerabilities > Inventorymanagementsystem Project > Inventorymanagementsystem > Critical

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-18	CVE-2022-35606	SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0 A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameter 'customerCode.' network low complexity inventorymanagementsystem-project CWE-89 critical	9.8
2022-08-18	CVE-2022-35605	SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0 A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as 'users', 'pass', etc. network low complexity inventorymanagementsystem-project CWE-89 critical	9.8
2022-08-18	CVE-2022-35603	SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0 A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt. network low complexity inventorymanagementsystem-project CWE-89 critical	9.8
2022-08-18	CVE-2022-35602	SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0 A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter user. network low complexity inventorymanagementsystem-project CWE-89 critical	9.8
2022-08-18	CVE-2022-35601	SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0 A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt. network low complexity inventorymanagementsystem-project CWE-89 critical	9.8
2022-08-18	CVE-2022-35599	SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0 A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter productcode. network low complexity inventorymanagementsystem-project CWE-89 critical	9.8
2022-08-18	CVE-2022-35598	SQL Injection vulnerability in Inventorymanagementsystem Project Inventorymanagementsystem 1.0 A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter username. network low complexity inventorymanagementsystem-project CWE-89 critical	9.8

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.