A SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as "productcode".
https://github.com/sazanrjb/InventoryManagementSystem/issues/14
https://github.com/sazanrjb/InventoryManagementSystem
https://gist.github.com/ziyishen97/0fd90a5939ffb401e8a74f4a415e1610