Podatność CVE-2022-41358
Publikacja: 2022-10-20

Opis:
A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the categoriesName parameter in createCategories.php.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
Low
Garage Management System 1.0 - 'categoriesName' - Stored XSS
Sam Wallace
15.10.2022

Typ:

CWE-79

 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 Referencje:
https://github.com/thecasual/CVE-2022-41358
https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html
http://packetstormsecurity.com/files/168718/Garage-Management-System-1.0-Cross-Site-Scripting.html
Copyright 2024, cxsecurity.com

 

Back to Top