Vulnerability Details - Title: ASHRAF-KABIR TRAVEL-AGENCY SQL INJECTION - Severity: Critical - CVE ID: CVE-2025-13545 (Reported) - Vendor and Product: ashraf-kabir travel-agency up to - Vulnerability Type: SQL Injection - Affected File: - Vulnerable Parameter: - CVE Classification: CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') - Tactics Techniques and Procedures (TTP): T1505: Exploit Public-Facing Application Additional Details - Exploit Status: Exploit exists and is classified as easy to use. - Source: Shared for download on GitHub. - Vendor Response: Vendor was notified early but did not respond.