CVE-2023-48901

CVE-2023-48901 · Severity

A SQL injection vulnerability in tramyardg Autoexpress version 1.3.0, allows remote unauthenticated attackers to execute arbitrary SQL commands via the parameter "id" within the getPhotosByCarId function call in details.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.