Lucene search
K

27 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.7 views

CVE-2026-8256

A security vulnerability has been detected in Devs Palace ERP Online up to 4.0.0. This vulnerability affects unknown code of the file /accounts/mr-save. Such manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. T...

4.8CVSS3.6AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/11 8:27 p.m.13 views

CVE-2026-8220

A vulnerability was detected in Devs Palace ERP Online up to 4.0.0. This affects an unknown function of the file /inventory/customer-save. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted ear...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/11 3:31 a.m.32 views

EUVD-2026-29011

A security vulnerability has been detected in Devs Palace ERP Online up to 4.0.0. This vulnerability affects unknown code of the file /accounts/mr-save. Such manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. T...

4.8CVSS4.1AI score0.00202EPSS
Exploits0References5
CVE
CVE
added 2026/05/11 1:45 a.m.22 views

CVE-2026-8262

CVE-2026-8262 affects Devs Palace ERP Online up to version 4.0.0. The issue involves manipulation of the file/function /accounts/chart-save that leads to cross-site scripting (XSS). The vulnerability is exploitable remotely over the network; the exploit is publicly available. Affected component: ...

4.8CVSS4.1AI score0.00202EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/11 1:45 a.m.59 views

CVE-2026-8262 Devs Palace ERP Online chart-save cross site scripting

A vulnerability was identified in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /accounts/chart-save. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was...

4.8CVSS0.00202EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/11 12:15 a.m.9 views

CVE-2026-8256 Devs Palace ERP Online mr-save cross site scripting

A security vulnerability has been detected in Devs Palace ERP Online up to 4.0.0. This vulnerability affects unknown code of the file /accounts/mr-save. Such manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. T...

4.8CVSS4.1AI score0.00202EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/11 12:0 a.m.13 views

EUVD-2026-29010

A weakness has been identified in Devs Palace ERP Online up to 4.0.0. This affects an unknown part of the file /inventory/addnewcustomer. This manipulation causes cross site scripting. The attack can be initiated remotely. The exploit has been made available to the public and could be used for...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References4
CVE
CVE
added 2026/05/11 12:0 a.m.19 views

CVE-2026-8255

CVE-2026-8255 affects Devs Palace ERP Online up to version 4.0.0, impacting an unknown portion of the file /inventory/add_new_customer. The vulnerability enables cross-site scripting (XSS) through a manipulation of that endpoint, with remote attack capability. The exploitation possibility is supp...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

Devs Palace ERP Online 跨站脚本漏洞

Devs Palace ERP Online is a cloud-based enterprise resource planning and business management system developed by Devs Palace. Versions of Devs Palace ERP Online 4.0.0 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from operations on unknown code located in...

4.8CVSS5.7AI score0.00202EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.9 views

Devs Palace ERP Online 跨站脚本漏洞

Devs Palace ERP Online is a cloud-based enterprise resource planning and business management system developed by Devs Palace. Versions of Devs Palace ERP Online 4.0.0 and earlier contained a cross-site scripting vulnerability. This vulnerability stemmed from operations on unknown code located in...

4.8CVSS5.7AI score0.00202EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/10 11:45 p.m.11 views

CVE-2026-8254

A security flaw has been discovered in Devs Palace ERP Online up to 4.0.0. Affected by this issue is some unknown functionality of the file /inventory/salessave. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the...

4.8CVSS4.2AI score0.00253EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/05/10 3:33 a.m.12 views

EUVD-2026-28954

A weakness has been identified in Devs Palace ERP Online up to 4.0.0. The affected element is an unknown function of the file /inventory/purchasereturnsave. Executing a manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been made available to the...

4.8CVSS4.1AI score0.00206EPSS
Exploits0References6
NVD
NVD
added 2026/05/10 3:16 a.m.17 views

CVE-2026-8220

A vulnerability was detected in Devs Palace ERP Online up to 4.0.0. This affects an unknown function of the file /inventory/customer-save. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted ear...

4.8CVSS0.00202EPSS
Exploits0References4
NVD
NVD
added 2026/05/10 2:16 a.m.28 views

CVE-2026-8218

A weakness has been identified in Devs Palace ERP Online up to 4.0.0. The affected element is an unknown function of the file /inventory/purchasereturnsave. Executing a manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been made available to the...

4.8CVSS0.00206EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/10 2:0 a.m.41 views

CVE-2026-8220 Devs Palace ERP Online customer-save cross site scripting

A vulnerability was detected in Devs Palace ERP Online up to 4.0.0. This affects an unknown function of the file /inventory/customer-save. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted ear...

4.8CVSS0.00202EPSS
Exploits0References4
CVE
CVE
added 2026/05/10 2:0 a.m.19 views

CVE-2026-8220

CVE-2026-8220 affects Devs Palace ERP Online up to version 4.0.0. A vulnerability in an unknown function of the file /inventory/customer-save enables cross-site scripting. The issue permits remote execution, with exploit publicly available per the description. Documents do not specify affected ve...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/05/10 1:45 a.m.9 views

CVE-2026-8219 Devs Palace ERP Online supplier-save cross site scripting

A security vulnerability has been detected in Devs Palace ERP Online up to 4.0.0. The impacted element is an unknown function of the file /inventory/supplier-save. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit has been disclosed publicl...

4.8CVSS4.2AI score0.00258EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/10 1:30 a.m.5 views

CVE-2026-8218

A weakness has been identified in Devs Palace ERP Online up to 4.0.0. The affected element is an unknown function of the file /inventory/purchasereturnsave. Executing a manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been made available to the...

4.8CVSS4.1AI score0.00206EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/05/10 1:30 a.m.57 views

CVE-2026-8218 Devs Palace ERP Online purchase_return_save cross site scripting

A weakness has been identified in Devs Palace ERP Online up to 4.0.0. The affected element is an unknown function of the file /inventory/purchasereturnsave. Executing a manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been made available to the...

4.8CVSS0.00206EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.20 views

PT-2026-39547

A security flaw has been discovered in Devs Palace ERP Online up to 4.0.0. Affected by this issue is some unknown functionality of the file /inventory/sales save. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the...

4.8CVSS4.2AI score0.00253EPSS
Exploits0References5
Rows per page
Query Builder