Vulnerabilities > Garage Management System Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-29 | CVE-2022-44279 | Cross-site Scripting vulnerability in Garage Management System Project Garage Management System 1.0 Garage Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /garage/php_action/createBrand.php. | 6.1 |
| 2022-11-02 | CVE-2022-41551 | SQL Injection vulnerability in Garage Management System Project Garage Management System 1.0 Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editorder.php. | 7.2 |
| 2022-10-20 | CVE-2022-41358 | Cross-site Scripting vulnerability in Garage Management System Project Garage Management System 1.0 A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the categoriesName parameter in createCategories.php. | 5.4 |
| 2022-09-16 | CVE-2022-38877 | Unrestricted Upload of File with Dangerous Type vulnerability in Garage Management System Project Garage Management System 1.0 Garage Management System v1.0 is vulnerable to Arbitrary code execution via ip/garage/php_action/editProductImage.php?id=1. | 7.2 |
| 2022-09-14 | CVE-2022-36667 | Unrestricted Upload of File with Dangerous Type vulnerability in Garage Management System Project Garage Management System 1.0 Garage Management System 1.0 is vulnerable to the Remote Code Execution (RCE) due to the lack of filtering from the file upload function. | 8.8 |
| 2022-09-14 | CVE-2022-36668 | Cross-site Scripting vulnerability in Garage Management System Project Garage Management System 1.0 Garage Management System 1.0 is vulnerable to Stored Cross Site Scripting (XSS) on several parameters. | 5.4 |
| 2022-09-12 | CVE-2022-38606 | SQL Injection vulnerability in Garage Management System Project Garage Management System 1.0 Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editcategory.php. | 7.2 |
| 2022-09-12 | CVE-2022-38610 | SQL Injection vulnerability in Garage Management System Project Garage Management System 1.0 Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editclient.php. | 7.2 |
| 2022-09-02 | CVE-2022-36638 | Unspecified vulnerability in Garage Management System Project Garage Management System 1.0 An access control issue in the component print.php of Garage Management System v1.0 allows unauthenticated attackers to access data for all existing orders. | 5.3 |
| 2022-09-02 | CVE-2022-36639 | Cross-site Scripting vulnerability in Garage Management System Project Garage Management System 1.0 A stored cross-site scripting (XSS) vulnerability in /client.php of Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter. | 5.4 |