CVE-2022-36258 Information

Description

A SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \searchTxt.

Reference

https://github.com/sazanrjb/InventoryManagementSystem https://gist.github.com/ziyishen97/3553468b534c250f7b0d47e8a4c5fa52 https://github.com/sazanrjb/InventoryManagementSystem/issues/14