CVE-2022-36668
MEDIUMGarage Management System 1.0 - Stored Cross-Site Scripting via Parts Parameters
Title source: llmDescription
Garage Management System 1.0 is vulnerable to Stored Cross Site Scripting (XSS) on several parameters. The vulnerabilities exist during creating or editing the parts under parameters. Using the XSS payload, the Stored XSS triggered and can be used for further attack vector.
References (2)
Core 2
Core References
Third Party Advisory x_refsource_misc
https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html
Exploit, Third Party Advisory x_refsource_misc
https://github.com/saitamang/POC-DUMP/blob/main/Garage%20Management%20System/README.md
Scores
CVSS v3
5.4
EPSS
0.0048
EPSS Percentile
37.4%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
garage_management_system_project/garage_management_system
1.0
Published
Sep 14, 2022
Tracked Since
Feb 18, 2026