First published: Fri Sep 02 2022(Updated: )
An access control issue in the component print.php of Garage Management System v1.0 allows unauthenticated attackers to access data for all existing orders.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Garage Management System Project Garage Management System | =1.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-36638 is an access control issue in the component print.php of Garage Management System v1.0 that allows unauthenticated attackers to access data for all existing orders.
The severity of CVE-2022-36638 is medium, with a CVSS score of 5.3.
CVE-2022-36638 allows unauthenticated attackers to access data for all existing orders in Garage Management System v1.0.
To fix CVE-2022-36638 in Garage Management System v1.0, implement proper access controls in the print.php component to prevent unauthenticated access to sensitive data.
You can find more information about CVE-2022-36638 in the following references: [Reference 1](https://senzee.net/index.php/2022/07/21/vulnerability-of-garage-management-system-1-0/) and [Reference 2](https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html).