what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

Files from Scott White

Tramyardg Autoexpress 1.3.0 Cross Site Scripting

Posted Mar 19, 2024

Authored by Scott White

Tramyardg Autoexpress version 1.3.0 suffers from a persistent cross site scripting vulnerability.

tags | exploit, xss

advisories | CVE-2023-48903

SHA-256 | e5d38e6f27165a96b83eb9ff1357086d82ad45bbc6a91a8b4f1d9aa5f2e996a5

Download | Favorite | View

Tramyardg Autoexpress 1.3.0 Authentication Bypass

Posted Mar 19, 2024

Authored by Scott White

Tramyardg Autoexpress version 1.3.0 allows for authentication bypass via unauthenticated API access to admin functionality. This could allow a remote anonymous attacker to delete or update vehicles as well as upload images for vehicles.

tags | exploit, remote, bypass

advisories | CVE-2023-48902

SHA-256 | a6b19ec46406ffd95a91f57125dc469d0979113c3d6a82b162a1b682d2ed2eca

Download | Favorite | View

Tramyardg Autoexpress 1.3.0 SQL Injection

Posted Mar 19, 2024

Authored by Scott White

Tramyardg Autoexpress version 1.3.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

advisories | CVE-2023-48901

SHA-256 | b6a01bb6956141a3ae4c607cc789894c67a647629befb99a934046f4a4a462f1

Download | Favorite | View