3 matches found
CVE-2023-48901
CVE-2023-48901 affects tramyardg Autoexpress v1.3.0. A SQL injection vulnerability exists in the details.php flow, where the getPhotosByCarId function uses the parameter id, enabling remote unauthenticated attackers to execute arbitrary SQL commands. The exploitation details and PoC are reference...
Tramyardg Autoexpress 1.3.0 SQL Injection Vulnerability
Exploit Title: tramyardg autoexpress - SQL Injection Exploit Author: Scott White Vendor Homepage: https://github.com/tramyardg/autoexpress Version: v1.3.0 Tested on: Ubuntu 22.04.3 LTS + Apache/2.4.52 CVE : CVE-2023-48901 References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48901...
Tramyardg Autoexpress 1.3.0 SQL Injection
Exploit Title: tramyardg autoexpress - SQL Injection Google Dork: N/A Date: 11/28/2023 Exploit Author: Scott White Vendor Homepage: https://github.com/tramyardg/autoexpress Version: v1.3.0 Tested on: Ubuntu 22.04.3 LTS + Apache/2.4.52 CVE : CVE-2023-48901 References:...