mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-06 02:31:38 +00:00
760 B
760 B
CVE-2022-36259
Description
A SQL injection vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "username", "password", etc.
POC
Reference
- https://gist.github.com/ziyishen97/47666f584cd4cdad1d0f6af5f33a56db
- https://github.com/sazanrjb/InventoryManagementSystem/issues/14
Github
No PoCs found on GitHub currently.