Lucene search
K

6 matches found

EUVD
EUVD
added 2026/05/11 12:31 a.m.33 views

EUVD-2026-29009

A security flaw has been discovered in Devs Palace ERP Online up to 4.0.0. Affected by this issue is some unknown functionality of the file /inventory/salessave. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the...

4.8CVSS4.2AI score0.00253EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.20 views

PT-2026-39561

A vulnerability was identified in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /accounts/chart-save. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was...

4.8CVSS4.1AI score0.00202EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/10 3:33 a.m.11 views

EUVD-2026-28956

A flaw has been found in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /inventory/item-save. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacte...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/05/10 2:15 a.m.7 views

CVE-2026-8221 Devs Palace ERP Online item-save cross site scripting

A flaw has been found in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /inventory/item-save. This manipulation causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been published and may be used. The vendor was contacte...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References4
CVE
CVE
added 2026/05/10 1:45 a.m.24 views

CVE-2026-8219

DevS Palace ERP Online (up to 4.0.0) has a Cross-Site Scripting flaw in the /inventory/supplier-save function. The description notes manipulation leads to XSS and remote exploitation is possible; exploit disclosed publicly. Root cause and exact vulnerable component are not detailed beyond this, a...

4.8CVSS4.2AI score0.00258EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/10 1:30 a.m.8 views

CVE-2026-8218 Devs Palace ERP Online purchase_return_save cross site scripting

A weakness has been identified in Devs Palace ERP Online up to 4.0.0. The affected element is an unknown function of the file /inventory/purchasereturnsave. Executing a manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been made available to the...

4.8CVSS4.1AI score0.00206EPSS
Exploits0References5
Rows per page
Query Builder