CVE-2024-30974 Information

Description

SQL Injection vulnerability in autoexpress v.1.3.0 allows attackers to run arbitrary SQL commands via the carId parameter.

Reference

https://github.com/torchstar/autoexpress/blob/master/buginfodetail.md