Vulnerability Details CVE-2022-36668
Garage Management System 1.0 is vulnerable to Stored Cross Site Scripting (XSS) on several parameters. The vulnerabilities exist during creating or editing the parts under parameters. Using the XSS payload, the Stored XSS triggered and can be used for further attack vector.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 29.6%
CVSS Severity
CVSS v3 Score 5.4
References
- https://github.com/saitamang/POC-DUMP/blob/main/Garage%20Management%20System/README.md
- https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html
- https://github.com/saitamang/POC-DUMP/blob/main/Garage%20Management%20System/README.md
- https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html
Products affected by CVE-2022-36668
-
cpe:2.3:a:garage_management_system_project:garage_management_system:1.0