EUVD-2026-37651

Unauthenticated Cross Site Scripting XSS in Auto Repair = 22.6 versions...

CVE-2026-22328

Unauthenticated Cross Site Scripting XSS in Auto Repair = 22.6 versions...

CVE-2026-46935

Vulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite component: Internal Operations. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2026-46915

Vulnerability in the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite component: Production. Supported versions that are affected are 12.2.3-12.2.15. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Orac...

CVE-2026-22328

CVE-2026-22328 corresponds to a reflected XSS in WordPress Theme Auto Repair <= 22.6, described as unauthenticated in the Initial description and reflected XSS in the product detail. CVSS shows Network attack vector, no privileges required, low impact to confidentiality/integrity/availability,...

CVE-2026-22328 WordPress Auto Repair theme <= 22.6 - Reflected Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Auto Repair = 22.6 versions...

PT-2026-50039

Name of the Vulnerable Software and Affected Versions Oracle Complex Maintenance, Repair and Overhaul versions 12.2.3 through 12.2.15 Description An issue exists in the Internal Operations component of the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite. A low...

PT-2026-50038

Name of the Vulnerable Software and Affected Versions Oracle Complex Maintenance, Repair and Overhaul versions 12.2.3 through 12.2.15 Description An issue exists in the Internal Operations component of the Oracle Complex Maintenance, Repair and Overhaul product of Oracle E-Business Suite. A low...

Rethinking IoT Intrusion Detection: Augmenting Routing Metrics with Radio Features

Machine learning-based intrusion detection systems IDS for RPL-based IoT networks often rely solely on routing layer features, which provide only a partial view of network behaviour. In this work, we investigate whether incorporating Transmit TX and Receive RX radio features alongside the standar...

CVE-2026-10263

A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manageproduct.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made...

CVE-2026-10263

A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manageproduct.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made...

CVE-2026-10263

A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manageproduct.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made...

EUVD-2026-33645

A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manageproduct.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made...

CVE-2026-10263 SourceCodester Computer Repair Shop Management System manage_product.php sql injection

A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manageproduct.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made...

CVE-2026-10263 SourceCodester Computer Repair Shop Management System manage_product.php sql injection

A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manageproduct.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made...

CVE-2026-10263

CVE-2026-10263 describes a SQL injection in SourceCodester Computer Repair Shop Management System (up to 1.0). The vulnerability is in an unknown function of /admin/products/manage_product.php where manipulating the argument ID leads to injection. The attack is network-reachable and can be attemp...

PT-2026-45425

A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manage product.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been mad...

SourceCodester Computer Repair Shop Management System SQL注入漏洞

SourceCodester Computer Repair Shop Management System is an open-source computer repair workshop management system developed by SourceCodester. Versions of the SourceCodester Computer Repair Shop Management System prior to version 1.0 contained SQL injection vulnerabilities. These vulnerabilities...

Towards Demystifying and Repairing LLM-In-The-Loop Vulnerabilities

Large Language ModelsLLMs have been actively integrated into modern software systems as critical components. LLM-in-the-loop vulnerabilities, where vulnerabilities are introduced by LLMs and their dependent downstream components, such as frameworks, introduce new risks. Although some benchmark...

Astra Linux - уязвимость в edk2

The Ubuntu edk2 UEFI firmware packages accidentally allowed access to the UEFI Shell in Secure Boot environments, potentially enabling bypass of Secure Boot restrictions. Versions 2024.05-2ubuntu0.3 and 2024.02-2ubuntu0.3 disable the Shell. Some earlier versions introduced a security measure base...