Shodan
Vulnerabilities
Vulnerable Software
Inventorymanagementsystem Project:  Security Vulnerabilities
CVE-2022-36256
A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "productcode".
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-12
CVE-2022-36257
A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "users", "pass", etc.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-12
CVE-2022-36258
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt".
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-12
CVE-2022-36259
A SQL injection vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "username", "password", etc.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-12
CVE-2022-36255
A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "searchTxt".
CVSS Score
7.5
EPSS Score
0.001
Published
2022-09-12
CVE-2022-35606
A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameter 'customerCode.'
CVSS Score
9.8
EPSS Score
0.002
Published
2022-08-18
CVE-2022-35598
A SQL injection vulnerability in ConnectionFactoryDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter username.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-08-18
CVE-2022-35599
A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter productcode.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-08-18
CVE-2022-35601
A SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter searchTxt.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-08-18
CVE-2022-35602
A SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via parameter user.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-08-18


Products
Pricing
Contact Us

Shodan ® - All rights reserved