CVE-2022-41358
Description
Garage Management System v1.0 has a stored XSS vulnerability via the categoriesName parameter in createCategories.php, allowing arbitrary script execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Garage Management System v1.0 has a stored XSS vulnerability via the categoriesName parameter in createCategories.php, allowing arbitrary script execution.
Vulnerability
Garage Management System v1.0, a PHP/MySQL application [2], is vulnerable to stored cross-site scripting (XSS) in the categoriesName parameter of /garage/php_action/createCategories.php. The application relies only on client-side validation to prevent XSS; no server-side sanitization is applied, allowing arbitrary payloads to be stored and executed when the category list is viewed [1][3][4].
Exploitation
An attacker with network access to the web interface can bypass client-side validation by intercepting the category creation request (e.g., via Burp Suite) and modifying the categoriesName parameter to include a malicious script, such as `` [3][4]. The crafted payload is then sent to the server and stored. Any user who subsequently loads the categories page will execute the script. The attack does not require authentication beyond normal application access.
Impact
Successful exploitation enables arbitrary client-side script execution in the context of the browser of any user viewing the affected categories. This can lead to session hijacking, credential theft, or defacement. The attacker gains no server-side access but can fully control the user's browser session within the application.
Mitigation
As of the available references, no official patch or fixed version has been released; the vendor has not addressed the vulnerability [2]. Since the application relies solely on client-side validation, server-side input sanitization and output encoding must be implemented to remediate the issue. The vulnerability is not listed in CISA's Known Exploited Vulnerabilities catalog.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Garage Management System/Garage Management Systemdescription
- Range: =1.0
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"Missing server-side input sanitization of the categoriesName parameter allows stored XSS."
Attack vector
An attacker submits a crafted POST request to /garage/php_action/createCategories.php with a malicious payload in the categoriesName parameter, such as <script>alert(1)</script> [ref_id=1]. The application only performs client-side validation, so the attacker uses a proxy like Burp to intercept and modify the request, bypassing the browser's JavaScript checks [ref_id=1]. The unsanitized payload is stored on the server and executed when an administrator or other user views the categories page [ref_id=2].
Affected code
The vulnerable endpoint is /garage/php_action/createCategories.php, specifically the handling of the categoriesName POST parameter [ref_id=1][ref_id=2]. The application relies on client-side validation only and does not sanitize this input server-side before storing it.
What the fix does
No patch is published in the bundle. The advisory recommends implementing server-side validation and sanitization of the categoriesName parameter in createCategories.php, rather than relying solely on client-side JavaScript checks [ref_id=1]. Proper server-side escaping or encoding of HTML/JavaScript special characters before storage would prevent the stored XSS.
Preconditions
- networkAttacker must have network access to the Garage Management System web application
- configApplication relies only on client-side validation with no server-side sanitization
- inputAttacker must be able to intercept or modify HTTP requests (e.g., using Burp Suite)
Reproduction
1. Navigate to the add-category page at /garage/add-category.php. 2. Intercept the form submission with a proxy (e.g., Burp Suite). 3. Modify the categoriesName parameter value to <script>alert(1)</script> [ref_id=1]. 4. Forward the modified request to /garage/php_action/createCategories.php. 5. The payload is stored and will execute when the categories list is viewed.
Generated on May 26, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
5- packetstormsecurity.com/files/168718/Garage-Management-System-1.0-Cross-Site-Scripting.htmlmitre
- cxsecurity.com/issue/WLB-2022100037mitre
- vulmon.com/vulnerabilitydetailsmitre
- www.samwallace.dev/research/Stored%20XSS%20in%20GMS%201.0mitre
- www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.htmlmitre
News mentions
0No linked articles in our index yet.