SQL Injection Vulnerability in CustomerDAO.java in InventoryManagementSystem 1.0

SQL Injection Vulnerability in CustomerDAO.java in InventoryManagementSystem 1.0

CVE-2022-35606 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameter 'customerCode.'

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.