AutoExpress SQL注入漏洞

AutoExpress is a car dealership application for car dealers and car buyers by Raymart DG Individual Developers. AutoExpress version v.1.3.0 suffers from a SQL injection vulnerability that originates from allowing an attacker to run arbitrary SQL commands via the carId parameter...