Garage management system
This hub aggregates every CVE we track for Garage management system, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
23
CVEs tracked
1
Critical
9
High
0
In CISA KEV
Severity distribution
MEDIUM11HIGH9LOW2CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Garage management system.
- CVE-2022-44279Garage Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /garage/php_action/createBrand.php.6.1
- CVE-2022-41551Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editorder.php.7.2
- CVE-2022-41358A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the categoriesName p...5.4
- CVE-2022-38877Garage Management System v1.0 is vulnerable to Arbitrary code execution via ip/garage/php_action/editProductImage.php?id=1.7.2
- CVE-2022-36668Garage Management System 1.0 is vulnerable to Stored Cross Site Scripting (XSS) on several parameters. The vulnerabilities exist during creating or editing the parts under parameters. Using the XSS...5.4
- CVE-2022-36667Garage Management System 1.0 is vulnerable to the Remote Code Execution (RCE) due to the lack of filtering from the file upload function. The vulnerability exist during adding parts and from the up...8.8
- CVE-2022-38606Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editcategory.php.7.2
- CVE-2022-38610Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editclient.php.7.2
- CVE-2022-36639A stored cross-site scripting (XSS) vulnerability in /client.php of Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the n...5.4
- CVE-2022-36638An access control issue in the component print.php of Garage Management System v1.0 allows unauthenticated attackers to access data for all existing orders.5.3
- CVE-2022-36637Garage Management System v1.0 was discovered to contain a persistent cross-site scripting (XSS) vulnerability via the brand_name parameter at /brand.php.5.4
- CVE-2022-36636Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /print.php.8.8
- CVE-2022-36582An arbitrary file upload vulnerability in the component /php_action/createProduct.php of Garage Management System v1.0 allows attackers to execute arbitrary code via a crafted PHP file.7.2
- CVE-2022-37184The application manage_website.php on Garage Management System 1.0 is vulnerable to Shell File Upload. The already authenticated malicious user, can upload a dangerous RCE or LCE exploit file.8.8
- CVE-2022-2672SourceCodester Garage Management System createUser.php sql injection6.3
Product normalization is registry-driven with AI assist and human review. How it works