Inventorymanagementsystem - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Inventorymanagementsystem
(Inventorymanagementsystem_project)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	12

Date	Id	Summary	Products	Score	Patch	Annotated
2022-08-18	CVE-2022-35598	A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter username.	Inventorymanagementsystem	9.8
2022-08-18	CVE-2022-35601	A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt.	Inventorymanagementsystem	9.8
2022-08-18	CVE-2022-35599	A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter productcode.	Inventorymanagementsystem	9.8
2022-08-18	CVE-2022-35602	A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter user.	Inventorymanagementsystem	9.8
2022-08-18	CVE-2022-35603	A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt.	Inventorymanagementsystem	9.8
2022-08-18	CVE-2022-35605	A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as 'users', 'pass', etc.	Inventorymanagementsystem	9.8
2022-08-18	CVE-2022-35606	A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameter 'customerCode.'	Inventorymanagementsystem	9.8
2022-09-12	CVE-2022-36255	A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt".	Inventorymanagementsystem	7.5
2022-09-12	CVE-2022-36256	A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "productcode".	Inventorymanagementsystem	7.5
2022-09-12	CVE-2022-36257	A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "users", "pass", etc.	Inventorymanagementsystem	7.5