6 matches found
EUVD-2026-29009
A security flaw has been discovered in Devs Palace ERP Online up to 4.0.0. Affected by this issue is some unknown functionality of the file /inventory/salessave. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the...
PT-2026-39561
A vulnerability was identified in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /accounts/chart-save. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was...
EUVD-2026-28956
A flaw has been found in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /inventory/item-save. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacte...
CVE-2026-8221 Devs Palace ERP Online item-save cross site scripting
A flaw has been found in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /inventory/item-save. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacte...
CVE-2026-8219
DevS Palace ERP Online (up to 4.0.0) has a Cross-Site Scripting flaw in the /inventory/supplier-save function. The description notes manipulation leads to XSS and remote exploitation is possible; exploit disclosed publicly. Root cause and exact vulnerable component are not detailed beyond this, a...
CVE-2026-8218 Devs Palace ERP Online purchase_return_save cross site scripting
A weakness has been identified in Devs Palace ERP Online up to 4.0.0. The affected element is an unknown function of the file /inventory/purchasereturnsave. Executing a manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been made available to the...