CVE-2026-8254 in ERP Onlineالمعلومات

الملخص

بحسب MITRE • 11/05/2026

A security flaw has been discovered in Devs Palace ERP Online up to 4.0.0. Affected by this issue is some unknown functionality of the file /inventory/sales_save. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

مسؤول

VulDB

إفشاء

11/05/2026

الاعتدال

تمت الموافقة

إدخال

VDB-362551

CPE

جاهز

CWE

CWE-79 (مؤكد)

استغلال

تحميل

CVSS

2.4 (VulDB)

EPSS

0.00010

KEV

لا

النشاطات

منخفض جدًا

القطاع

Police, Insurance, ...

المصادر

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-8254
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-8254
CVE Details	https://www.cvedetails.com/cve/CVE-2026-8254/

التالي ▸نظرة عامة ◂ السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!