Full title: Tramyardg Autoexpress 1.3.0 Authentication Bypass Vulnerability Category: web applications Platform: php Tramyardg Autoexpress version 1.3.0 allows for authentication bypass via unauthenticated API access to admin functionality. This could allow a remote anonymous attacker to delete or update vehicles as well as upload images for vehicles. # 0day.today @ http://0day.today/