Tramyardg Autoexpress 1.3.0 Authentication Bypass

Tramyardg Autoexpress version 1.3.0 allows for authentication bypass via unauthenticated API access to admin functionality. This could allow a remote anonymous attacker to delete or update vehicles as well as upload images for vehicles.

1.3.0 access admin anonymous api attacker authentication authentication bypass bypass delete images unauthenticated update upload vehicles version version 1