An issue was discovered in tramyardg autoexpress version 1.3.0, allows unauthenticated remote attackers to escalate privileges, update car data, delete vehicles, and upload car images via authentication bypass in uploadCarImages.php.
Metrics
Affected Vendors & Products
References
History
Thu, 08 Aug 2024 20:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-269 | |
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-03-21T00:00:00
Updated: 2024-08-08T18:54:59.386Z
Reserved: 2023-11-20T00:00:00
Link: CVE-2023-48902
Vulnrichment
Updated: 2024-08-02T21:46:28.421Z
NVD
Status : Awaiting Analysis
Published: 2024-03-21T04:15:09.013
Modified: 2024-08-08T19:35:03.727
Link: CVE-2023-48902
Redhat
No data.