2 matches found
CVE-2024-30974
Summary: CVE-2024-30974 affects autoexpress v1.3.0 and is described as a SQL Injection via the carId parameter, enabling attackers to execute arbitrary SQL commands. The primary sources (NVD/Red Hat/CVE listings) consistently state this vulnerability originates from unsafely handling the carId in...
CVE-2024-30974
SQL Injection vulnerability in autoexpress v.1.3.0 allows attackers to run arbitrary SQL commands via the carId parameter...