cve/CVE-2023-48901.md at main

admin/cve

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-05 10:17:57 +00:00

0xMarcio 4edef1e4c8 Update CVE sources 2024-05-28 08:49

2024-05-28 08:49:17 +00:00

741 B

Raw Permalink Blame History

CVE-2023-48901

Description

A SQL injection vulnerability in tramyardg Autoexpress version 1.3.0, allows remote unauthenticated attackers to execute arbitrary SQL commands via the parameter "id" within the getPhotosByCarId function call in details.php.

POC

Reference

https://packetstormsecurity.com/files/177660/Tramyardg-Autoexpress-1.3.0-SQL-Injection.html

Github

https://github.com/NaInSec/CVE-LIST

741 B Raw Permalink Blame History

CVE-2023-48901

Description

POC

Reference

Github

741 B

Raw Permalink Blame History