Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

11 matches found

CVE
CVEadded 2025/11/23 10:32 a.m.10 views

CVE-2025-13546

CVE-2025-13546 concerns a SQL injection in the Travel Agency app by Ashraf Kabir. The vulnerability affects the file /results.php in the Search component, stemming from manipulation of the argument (user_query or user query) which enables remote exploitation. Public exploit activity is indicated ...

9.8CVSS6.4AI score0.00317EPSS
Exploits1References4Affected Software1
OSV
OSVadded 2025/11/23 10:15 a.m.4 views

CVE-2025-13545

A security vulnerability has been detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this vulnerability is an unknown functionality of the file /adminarea/index.php. The manipulation of the argument editpack leads to sql injection. The attack can be...

7.2CVSS5.7AI score0.00334EPSS
Exploits1References4
Cvelist
Cvelistadded 2025/11/23 10:2 a.m.15 views

CVE-2025-13545 ashraf-kabir travel-agency index.php sql injection

A security vulnerability has been detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this vulnerability is an unknown functionality of the file /adminarea/index.php. The manipulation of the argument editpack leads to sql injection. The attack can be...

5.8CVSS0.00334EPSS
Exploits1References4
CVE
CVEadded 2025/11/23 10:2 a.m.16 views

CVE-2025-13545

CVE-2025-13545 affects ashraf-kabir travel-agency; vulnerable component is the /admin_area/index.php file where manipulating the edit_pack parameter triggers an SQL injection. The vulnerability can be exploited remotely and has been publicly disclosed. No concrete product versions or fixed releas...

7.2CVSS6.6AI score0.00334EPSS
Exploits1References4Affected Software1
EUVD
EUVDadded 2025/11/23 9:30 a.m.2 views

EUVD-2025-198562

A weakness has been identified in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected is an unknown function of the file /customerregister.php. Executing manipulation can lead to unrestricted upload. It is possible to launch the attack remotely. The exploit has bee...

6.5CVSS6.1AI score0.0033EPSS
Exploits1References5
NVD
NVDadded 2025/11/23 9:15 a.m.6 views

CVE-2025-13544

A weakness has been identified in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected is an unknown function of the file /customerregister.php. Executing manipulation can lead to unrestricted upload. It is possible to launch the attack remotely. The exploit has bee...

9.8CVSS0.0033EPSS
Exploits1References4
OSV
OSVadded 2025/11/23 9:15 a.m.2 views

CVE-2025-13544

A weakness has been identified in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected is an unknown function of the file /customerregister.php. Executing manipulation can lead to unrestricted upload. It is possible to launch the attack remotely. The exploit has bee...

9.8CVSS5.5AI score0.0033EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2025/11/23 9:2 a.m.2 views

CVE-2025-13544 ashraf-kabir travel-agency customer_register.php unrestricted upload

A weakness has been identified in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected is an unknown function of the file /customerregister.php. Executing manipulation can lead to unrestricted upload. It is possible to launch the attack remotely. The exploit has bee...

6.5CVSS6.3AI score0.0033EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2025/11/23 12:0 a.m.5 views

PT-2025-47838

A vulnerability was detected in ashraf-kabir travel-agency up to 1f25aa03544bc5fb7a9e846f8a7879cecdb0cad3. Affected by this issue is some unknown functionality of the file /results.php of the component Search. The manipulation of the argument user query results in sql injection. The attack can be...

6.5CVSS7AI score0.00317EPSS
Exploits1References5
CNNVD
CNNVDadded 2025/11/23 12:0 a.m.3 views

Travel Agency SQL注入漏洞

Travel Agency is a travel management website by Ashraf Kabir, an individual developer. Travel Agency suffers from a SQL injection vulnerability that stems from incorrect manipulation of the parameter userquery in the file /results.php, which could lead to SQL injection...

9.8CVSS6.9AI score0.00317EPSS
Exploits1References5
CNNVD
CNNVDadded 2025/11/23 12:0 a.m.2 views

Travel Agency SQL注入漏洞

Travel Agency is a travel management website by Ashraf Kabir, an individual developer. Travel Agency suffers from an SQL injection vulnerability that stems from incorrect manipulation of the parameter editpack in the file /adminarea/index.php, which could lead to SQL injection...

7.2CVSS5.7AI score0.00334EPSS
Exploits1References5
Rows per page
Query Builder