Vulnerability Details CVE-2023-48902
An issue was discovered in tramyardg autoexpress version 1.3.0, allows unauthenticated remote attackers to escalate privileges, update car data, delete vehicles, and upload car images via authentication bypass in uploadCarImages.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 43.3%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-48902
-
cpe:2.3:a:tramyardg:autoexpress:1.3.0