Search criteria
12 vulnerabilities by inventorymanagementsystem_project
CVE-2022-36259 (GCVE-0-2022-36259)
Vulnerability from cvelistv5 – Published: 2022-09-12 03:14 – Updated: 2024-08-03 10:00
VLAI
Summary
A SQL injection vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "username", "password", etc.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/sazanrjb/InventoryManagementSy… | x_refsource_MISC |
| https://github.com/sazanrjb/InventoryManagementSystem | x_refsource_MISC |
| https://gist.github.com/ziyishen97/47666f584cd4cd… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.284Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/ziyishen97/47666f584cd4cdad1d0f6af5f33a56db"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"username\", \"password\", etc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-12T03:14:33.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/ziyishen97/47666f584cd4cdad1d0f6af5f33a56db"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36259",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"username\", \"password\", etc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"name": "https://gist.github.com/ziyishen97/47666f584cd4cdad1d0f6af5f33a56db",
"refsource": "MISC",
"url": "https://gist.github.com/ziyishen97/47666f584cd4cdad1d0f6af5f33a56db"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36259",
"datePublished": "2022-09-12T03:14:33.000Z",
"dateReserved": "2022-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:00:04.284Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36258 (GCVE-0-2022-36258)
Vulnerability from cvelistv5 – Published: 2022-09-12 03:12 – Updated: 2024-08-03 10:00
VLAI
Summary
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt".
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/sazanrjb/InventoryManagementSy… | x_refsource_MISC |
| https://github.com/sazanrjb/InventoryManagementSystem | x_refsource_MISC |
| https://gist.github.com/ziyishen97/3553468b534c25… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.336Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/ziyishen97/3553468b534c250f7b0d47e8a4c5fa52"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"searchTxt\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-12T03:12:59.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/ziyishen97/3553468b534c250f7b0d47e8a4c5fa52"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36258",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"searchTxt\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"name": "https://gist.github.com/ziyishen97/3553468b534c250f7b0d47e8a4c5fa52",
"refsource": "MISC",
"url": "https://gist.github.com/ziyishen97/3553468b534c250f7b0d47e8a4c5fa52"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36258",
"datePublished": "2022-09-12T03:12:59.000Z",
"dateReserved": "2022-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:00:04.336Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36257 (GCVE-0-2022-36257)
Vulnerability from cvelistv5 – Published: 2022-09-12 03:11 – Updated: 2024-08-03 10:00
VLAI
Summary
A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "users", "pass", etc.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/sazanrjb/InventoryManagementSy… | x_refsource_MISC |
| https://github.com/sazanrjb/InventoryManagementSystem | x_refsource_MISC |
| https://gist.github.com/ziyishen97/ff3816032a7679… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.310Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/ziyishen97/ff3816032a76796f45368ed243ab3343"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"users\", \"pass\", etc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-12T03:11:12.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/ziyishen97/ff3816032a76796f45368ed243ab3343"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36257",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"users\", \"pass\", etc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"name": "https://gist.github.com/ziyishen97/ff3816032a76796f45368ed243ab3343",
"refsource": "MISC",
"url": "https://gist.github.com/ziyishen97/ff3816032a76796f45368ed243ab3343"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36257",
"datePublished": "2022-09-12T03:11:12.000Z",
"dateReserved": "2022-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:00:04.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36256 (GCVE-0-2022-36256)
Vulnerability from cvelistv5 – Published: 2022-09-12 03:08 – Updated: 2024-08-03 10:00
VLAI
Summary
A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "productcode".
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/sazanrjb/InventoryManagementSy… | x_refsource_MISC |
| https://github.com/sazanrjb/InventoryManagementSystem | x_refsource_MISC |
| https://gist.github.com/ziyishen97/0fd90a5939ffb4… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.275Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/ziyishen97/0fd90a5939ffb401e8a74f4a415e1610"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"productcode\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-12T03:08:56.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/ziyishen97/0fd90a5939ffb401e8a74f4a415e1610"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36256",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"productcode\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"name": "https://gist.github.com/ziyishen97/0fd90a5939ffb401e8a74f4a415e1610",
"refsource": "MISC",
"url": "https://gist.github.com/ziyishen97/0fd90a5939ffb401e8a74f4a415e1610"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36256",
"datePublished": "2022-09-12T03:08:56.000Z",
"dateReserved": "2022-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:00:04.275Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-36255 (GCVE-0-2022-36255)
Vulnerability from cvelistv5 – Published: 2022-09-12 03:06 – Updated: 2024-08-03 10:00
VLAI
Summary
A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt".
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
3 references
| URL | Tags |
|---|---|
| https://github.com/sazanrjb/InventoryManagementSy… | x_refsource_MISC |
| https://github.com/sazanrjb/InventoryManagementSystem | x_refsource_MISC |
| https://gist.github.com/ziyishen97/268678bca3034c… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:00:04.310Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://gist.github.com/ziyishen97/268678bca3034c64861b135946ee9fc3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"searchTxt\"."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-09-12T03:06:49.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://gist.github.com/ziyishen97/268678bca3034c64861b135946ee9fc3"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-36255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"searchTxt\"."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
},
{
"name": "https://gist.github.com/ziyishen97/268678bca3034c64861b135946ee9fc3",
"refsource": "MISC",
"url": "https://gist.github.com/ziyishen97/268678bca3034c64861b135946ee9fc3"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-36255",
"datePublished": "2022-09-12T03:06:49.000Z",
"dateReserved": "2022-07-18T00:00:00.000Z",
"dateUpdated": "2024-08-03T10:00:04.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-35606 (GCVE-0-2022-35606)
Vulnerability from cvelistv5 – Published: 2022-08-18 01:29 – Updated: 2024-08-03 09:36
VLAI
Summary
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameter 'customerCode.'
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/sazanrjb/InventoryManagementSy… | x_refsource_MISC |
| https://github.com/sazanrjb/InventoryManagementSystem | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.421Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameter \u0027customerCode.\u0027"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-18T01:29:16.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-35606",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameter \u0027customerCode.\u0027"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-35606",
"datePublished": "2022-08-18T01:29:16.000Z",
"dateReserved": "2022-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-03T09:36:44.421Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-35605 (GCVE-0-2022-35605)
Vulnerability from cvelistv5 – Published: 2022-08-18 01:26 – Updated: 2024-08-03 09:36
VLAI
Summary
A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as 'users', 'pass', etc.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/sazanrjb/InventoryManagementSy… | x_refsource_MISC |
| https://github.com/sazanrjb/InventoryManagementSystem | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.399Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \u0027users\u0027, \u0027pass\u0027, etc."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-18T01:26:27.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-35605",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \u0027users\u0027, \u0027pass\u0027, etc."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-35605",
"datePublished": "2022-08-18T01:26:27.000Z",
"dateReserved": "2022-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-03T09:36:44.399Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-35603 (GCVE-0-2022-35603)
Vulnerability from cvelistv5 – Published: 2022-08-18 01:24 – Updated: 2024-08-03 09:36
VLAI
Summary
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/sazanrjb/InventoryManagementSy… | x_refsource_MISC |
| https://github.com/sazanrjb/InventoryManagementSystem | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.409Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-18T01:24:18.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-35603",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-35603",
"datePublished": "2022-08-18T01:24:18.000Z",
"dateReserved": "2022-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-03T09:36:44.409Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-35602 (GCVE-0-2022-35602)
Vulnerability from cvelistv5 – Published: 2022-08-18 01:23 – Updated: 2024-08-03 09:36
VLAI
Summary
A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter user.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/sazanrjb/InventoryManagementSy… | x_refsource_MISC |
| https://github.com/sazanrjb/InventoryManagementSystem | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.450Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter user."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-18T01:23:28.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-35602",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter user."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-35602",
"datePublished": "2022-08-18T01:23:28.000Z",
"dateReserved": "2022-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-03T09:36:44.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-35601 (GCVE-0-2022-35601)
Vulnerability from cvelistv5 – Published: 2022-08-18 01:21 – Updated: 2024-08-03 09:36
VLAI
Summary
A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/sazanrjb/InventoryManagementSy… | x_refsource_MISC |
| https://github.com/sazanrjb/InventoryManagementSystem | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-18T01:21:48.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-35601",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-35601",
"datePublished": "2022-08-18T01:21:48.000Z",
"dateReserved": "2022-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-03T09:36:44.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-35599 (GCVE-0-2022-35599)
Vulnerability from cvelistv5 – Published: 2022-08-18 01:18 – Updated: 2024-08-03 09:36
VLAI
Summary
A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter productcode.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/sazanrjb/InventoryManagementSy… | x_refsource_MISC |
| https://github.com/sazanrjb/InventoryManagementSystem | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.388Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter productcode."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-18T01:18:41.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-35599",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter productcode."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-35599",
"datePublished": "2022-08-18T01:18:41.000Z",
"dateReserved": "2022-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-03T09:36:44.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-35598 (GCVE-0-2022-35598)
Vulnerability from cvelistv5 – Published: 2022-08-18 01:17 – Updated: 2024-08-03 09:36
VLAI
Summary
A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter username.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/sazanrjb/InventoryManagementSy… | x_refsource_MISC |
| https://github.com/sazanrjb/InventoryManagementSystem | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T09:36:44.412Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter username."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-08-18T01:17:34.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2022-35598",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter username."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem/issues/14"
},
{
"name": "https://github.com/sazanrjb/InventoryManagementSystem",
"refsource": "MISC",
"url": "https://github.com/sazanrjb/InventoryManagementSystem"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2022-35598",
"datePublished": "2022-08-18T01:17:34.000Z",
"dateReserved": "2022-07-11T00:00:00.000Z",
"dateUpdated": "2024-08-03T09:36:44.412Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}