CVE-2026-8221

Dev s Palace ERP Online (versions up to 4.0.0) is affected by a cross-site scripting flaw in the /inventory/item-save function. The issue stems from a manipulation that enables XSS, with remote exploitation possible and an exploit published. The records indicate the vendor was contacted but did n...

EUVD-2025-27132

Malicious code in bioql PyPI...

CVE-2025-10064

A security flaw has been discovered in itsourcecode POS Point of Sale System 1.0. This issue affects some unknown processing of the file /inventory/main/vendors/datatables/unittesting/templates/domdatatwoheaders.php. The manipulation of the argument scripts results in cross site scripting. The...

CVE-2025-10027 itsourcecode POS Point of Sale System 2512.php cross site scripting

A vulnerability was determined in itsourcecode POS Point of Sale System 1.0. Affected by this issue is some unknown functionality of the file /inventory/main/vendors/datatables/unittesting/templates/2512.php. This manipulation of the argument scripts causes cross site scripting. The attack can be...

CVE-2020-24862

The catID parameter in Pharmacy Medical Store and Sale Point v1.0 has been found to be vulnerable to a Time-Based blind SQL injection via the /medical/inventories.php path which allows attackers to retrieve all databases...