PT-2022-22920 · Unknown · Inventory Management System

Published 2022-08-18 · Updated 2024-05-06 · CVE-2022-35604


No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.
Name of the Vulnerable Software and Affected Versions

InventoryManagementSystem version 1.0

Description

A SQL injection issue allows attackers to execute arbitrary SQL commands via the searchTxt parameter.

Recommendations

For InventoryManagementSystem version 1.0, consider restricting access to the vulnerable SupplierDAO.java file until a patch is available. As a temporary workaround, avoid using the searchTxt parameter in the affected API endpoint until the issue is resolved.

Related Identifiers

CVE-2022-35604

Affected Products

Inventory Management System