{"api_version":"1","generated_at":"2026-04-23T15:19:57+00:00","cve":"CVE-2022-36668","urls":{"html":"https://cve.report/CVE-2022-36668","api":"https://cve.report/api/cve/CVE-2022-36668.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-36668","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-36668"},"summary":{"title":"CVE-2022-36668","description":"Garage Management System 1.0 is vulnerable to Stored Cross Site Scripting (XSS) on several parameters. The vulnerabilities exist during creating or editing the parts under parameters. Using the XSS payload, the Stored XSS triggered and can be used for further attack vector.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2022-09-14 11:15:00","updated_at":"2022-09-16 03:02:00"},"problem_types":["CWE-79"],"metrics":[],"references":[{"url":"https://github.com/saitamang/POC-DUMP/blob/main/Garage%20Management%20System/README.md","name":"https://github.com/saitamang/POC-DUMP/blob/main/Garage%20Management%20System/README.md","refsource":"MISC","tags":[],"title":"POC-DUMP/README.md at main · saitamang/POC-DUMP · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html","name":"https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html","refsource":"MISC","tags":[],"title":"Garage Management System using PHP/MySQL Free Source Code | Free Source Code Projects and Tutorials","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-36668","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-36668","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"36668","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"garage_management_system_project","cpe5":"garage_management_system","cpe6":"1.0","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2022-36668","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"Garage Management System 1.0 is vulnerable to Stored Cross Site Scripting (XSS) on several parameters. The vulnerabilities exist during creating or editing the parts under parameters. Using the XSS payload, the Stored XSS triggered and can be used for further attack vector."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html","refsource":"MISC","name":"https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html"},{"refsource":"MISC","name":"https://github.com/saitamang/POC-DUMP/blob/main/Garage%20Management%20System/README.md","url":"https://github.com/saitamang/POC-DUMP/blob/main/Garage%20Management%20System/README.md"}]}},"nvd":{"publishedDate":"2022-09-14 11:15:00","lastModifiedDate":"2022-09-16 03:02:00","problem_types":["CWE-79"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE","baseScore":5.4,"baseSeverity":"MEDIUM"},"exploitabilityScore":2.3,"impactScore":2.7}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:garage_management_system_project:garage_management_system:1.0:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}