Vulnerability CVE-2022-2579


Published: 2022-07-29

Description:
A vulnerability, which was classified as problematic, was found in SourceCodester Garage Management System 1.0. Affected is an unknown function of the file /php_action/createUser.php. The manipulation of the argument userName with the input lala<img src="" onerror=alert(1)> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://github.com/ch0ing/vul/blob/main/WebRay.com.cn/Garage%20Management%20System(XSS).md
https://vuldb.com/?id.205302

Copyright 2026, cxsecurity.com

 

Back to Top