This page lists publicly disclosed CVE vulnerabilities affecting inventorymanagementsystem_project inventorymanagementsystem (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-36259 | A SQL injection vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "username", "password", etc. | [email protected] | 7.5 | 0.31% | 2022-09-12 | 2024-11-21 |
| CVE-2022-36258 | A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt". | [email protected] | 7.5 | 0.31% | 2022-09-12 | 2024-11-21 |
| CVE-2022-36257 | A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "users", "pass", etc. | [email protected] | 7.5 | 0.31% | 2022-09-12 | 2024-11-21 |
| CVE-2022-36256 | A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "productcode". | [email protected] | 7.5 | 0.31% | 2022-09-12 | 2024-11-21 |
| CVE-2022-36255 | A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt". | [email protected] | 7.5 | 0.31% | 2022-09-12 | 2024-11-21 |
| CVE-2022-35606 | A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameter 'customerCode.' | [email protected] | 9.8 | 0.23% | 2022-08-18 | 2024-11-21 |
| CVE-2022-35605 | A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as 'users', 'pass', etc. | [email protected] | 9.8 | 0.23% | 2022-08-18 | 2024-11-21 |
| CVE-2022-35603 | A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt. | [email protected] | 9.8 | 0.23% | 2022-08-18 | 2024-11-21 |
| CVE-2022-35602 | A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter user. | [email protected] | 9.8 | 0.23% | 2022-08-18 | 2024-11-21 |
| CVE-2022-35601 | A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt. | [email protected] | 9.8 | 0.23% | 2022-08-18 | 2024-11-21 |
| CVE-2022-35599 | A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter productcode. | [email protected] | 9.8 | 0.23% | 2022-08-18 | 2024-11-21 |
| CVE-2022-35598 | A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter username. | [email protected] | 9.8 | 0.23% | 2022-08-18 | 2024-11-21 |