Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 4:23 a.m.7 views

CVE-2023-48903

Stored Cross-Site Scripting XSS vulnerability in tramyardg autoexpress 1.3.0, allows remote unauthenticated attackers to inject arbitrary web script or HTML within parameter "imgType" via in uploadCarImages.php...

6.1CVSS5.6AI score0.00571EPSS
Exploits3
CVE
CVE
added 2024/03/21 12:0 a.m.60 views

CVE-2023-48903

CVE-2023-48903 affects tramyardg Autoexpress 1.3.0. The stored XSS occurs in the uploadCarImages.php flow, where user-supplied input in the imgType (also reported as imageType[]) parameter can be injected to execute arbitrary script/HTML. The vulnerability is demonstrated in public writeups and P...

6.1CVSS5.6AI score0.00571EPSS
Exploits3References1Affected Software1
0day.today
0day.today
added 2024/03/20 12:0 a.m.371 views

Tramyardg Autoexpress 1.3.0 Cross Site Scripting Vulnerability

Exploit Title: tramyardg autoexpress - Stored Cross-Site Scripting XSS Exploit Author: Scott White Vendor Homepage: https://github.com/tramyardg/autoexpress Version: v1.3.0 Tested on: Ubuntu 22.04.3 LTS + Apache/2.4.52 CVE : CVE-2023-48903 References:...

6.1CVSS6.4AI score0.00571EPSS
Exploits3
Packet Storm
Packet Storm
added 2024/03/19 12:0 a.m.254 views

Tramyardg Autoexpress 1.3.0 Cross Site Scripting

Exploit Title: tramyardg autoexpress - Stored Cross-Site Scripting XSS Google Dork: N/A Date: 11/28/2023 Exploit Author: Scott White Vendor Homepage: https://github.com/tramyardg/autoexpress Version: v1.3.0 Tested on: Ubuntu 22.04.3 LTS + Apache/2.4.52 CVE : CVE-2023-48903 References:...

7.4AI score0.00571EPSS
Exploits3
Rows per page
Query Builder