CVE-2022-36638
First published: Fri Sep 02 2022(Updated: )
An access control issue in the component print.php of Garage Management System v1.0 allows unauthenticated attackers to access data for all existing orders.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Garage Management System Project Garage Management System | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2022-36638?
CVE-2022-36638 is an access control issue in the component print.php of Garage Management System v1.0 that allows unauthenticated attackers to access data for all existing orders.
What is the severity of CVE-2022-36638?
The severity of CVE-2022-36638 is medium, with a CVSS score of 5.3.
How does CVE-2022-36638 affect Garage Management System v1.0?
CVE-2022-36638 allows unauthenticated attackers to access data for all existing orders in Garage Management System v1.0.
How can I fix CVE-2022-36638 in Garage Management System v1.0?
To fix CVE-2022-36638 in Garage Management System v1.0, implement proper access controls in the print.php component to prevent unauthenticated access to sensitive data.
Where can I find more information about CVE-2022-36638?
You can find more information about CVE-2022-36638 in the following references: [Reference 1](https://senzee.net/index.php/2022/07/21/vulnerability-of-garage-management-system-1-0/) and [Reference 2](https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html).
- collector/nvd-index
- vendor/garage management system project
- canonical/garage management system project garage management system
- version/garage management system project garage management system/1.0