SQL Injection Vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0

SQL Injection Vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0

CVE-2022-36259 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

A SQL injection vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "username", "password", etc.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.