11 matches found
CVE-2026-8255
A weakness has been identified in Devs Palace ERP Online up to 4.0.0. This affects an unknown part of the file /inventory/addnewcustomer. This manipulation causes cross site scripting. The attack can be initiated remotely. The exploit has been made available to the public and could be used for...
Devs Palace ERP Online 跨站脚本漏洞
Devs Palace ERP Online is a cloud-based enterprise resource planning and business management system developed by Devs Palace. Versions of Devs Palace ERP Online 4.0.0 and earlier contained a cross-site scripting vulnerability. This vulnerability originated from an unknown portion of the...
EUVD-2026-28955
A security vulnerability has been detected in Devs Palace ERP Online up to 4.0.0. The impacted element is an unknown function of the file /inventory/supplier-save. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed publicl...
CVE-2026-8219 Devs Palace ERP Online supplier-save cross site scripting
A security vulnerability has been detected in Devs Palace ERP Online up to 4.0.0. The impacted element is an unknown function of the file /inventory/supplier-save. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed publicl...
Devs Palace ERP Online 跨站脚本漏洞
Devs Palace ERP Online is a cloud-based enterprise resource planning and business management system developed by Devs Palace. Versions of Devs Palace ERP Online 4.0.0 and earlier contained a cross-site scripting vulnerability. This vulnerability originated from an unknown function in the file...
Vitess 操作系统命令注入漏洞
Vitess is an open-source database cluster system developed by Vitess, designed for horizontal scaling of MySQL databases. Versions of Vitess prior to 23.0.3 and 22.0.4 contained a vulnerability related to operating system command injection. This vulnerability stemmed from the possibility of...
CVE-2018-18752
Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter...
CVE-2025-10066
A security vulnerability has been detected in itsourcecode POS Point of Sale System 1.0. The affected element is an unknown function of the file /inventory/main/vendors/datatables/unittesting/templates/dymanictable.php. Such manipulation of the argument scripts leads to cross site scripting. The...
PT-2025-36402
Name of the Vulnerable Software and Affected Versions: itsourcecode POS Point of Sale System version 1.0 Description: A vulnerability exists in itsourcecode POS Point of Sale System that allows for cross site scripting. The vulnerability affects unknown code within the file...
CVE-2023-2096
A vulnerability was found in SourceCodester Vehicle Service Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/servicerequests/manageinventory.php. The manipulation of the argument id leads to sql injection. It is possible to launch the...
Scanvus – my open source Vulnerability Scanner for Linux hosts and Docker images
Hello everyone! This video was recorded for the VMconf 22 Vulnerability Management conference, vmconf.pw. I will be talking about my open source project Scanvus. This project is already a year old and I use it almost every day. Alternative video link for Russia: Scanvus Simple Credentialed...