Some comments regarding your code, in this order:
You do not need to specify text/javascript.
The instruction should not be window.prompt; instead, it is just prompt().
I do not see where you declare the PHP variable called $NIdV that you use later; it needs to exist because you are using it in your SQL.
In the end, your code should look like this:

    <?php
    if ($tProducto == "AS")
    {
        $sprod = "";
    ?>
    <script>
        var serie = prompt("Ingrese el Número de Serie del producto");
    </script>
    <?php
        // PHP runs on the server before the browser executes the script above, so
        // $sprod receives this literal markup, not the value typed into prompt().
        $sprod = "<script> document.write(serie) </script>";
        include("datos.php");
        $consultaserie = "UPDATE detalle_pedido_venta set DPV_Serie = '$sprod' where DPV_Detalle_Pedido_Venta = '$NIdV'";
        $results = mysqli_query($db, $consultaserie);
    }
    ?>

UPDATE

You are using the mysqli extension, but you do not use prepared statements, which makes your SQL totally insecure. I'll give you the following example and explain what you should do:
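
    // The SQL text is fixed; each ? is filled in by bind_param() below.
    $consultaserie = $db->prepare("UPDATE detalle_pedido_venta set DPV_Serie = ? where DPV_Detalle_Pedido_Venta = ?");
    // "ss": both values are bound as strings, in placeholder order.
    $consultaserie->bind_param("ss", $sprod, $NIdV);
    $consultaserie->execute();
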
Instead of placing the variables directly in the SQL, replace them with placeholders, using the ? sign.
From your code, I assume that the variable where you save the connection data is db, so, as you can see, the prepare() method is called on it for the SQL query.
With bind_param I indicate the type of data that will arrive for each one: if it is a number it is i, if it is a text string it is s, and you have to declare them in the same order as your SQL requires, all of this in quotes, as you can check in the example.
Then, also within bind_param, separated only by commas, you declare the variables that hold the values you are going to use in your SQL, also in the same order they are required.
At the end you call the execute() method so that your query is carried out.
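
Added example, not part of the original answer: the concatenated UPDATE and the prepared UPDATE run side by side against the same constructed input. To run without a MySQL server it assumes an in-memory SQLite database through PDO instead of mysqli (PDO takes the values in `execute()` rather than `bind_param()`); the table and column names come from the answer, while the function names, rows and serial number are made up for the illustration.

```php
<?php
// Added example: in-memory SQLite through PDO stands in for the MySQL
// connection; table and column names are the ones used in the answer.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec("CREATE TABLE detalle_pedido_venta (
    DPV_Detalle_Pedido_Venta TEXT PRIMARY KEY,
    DPV_Serie TEXT)");
$db->exec("INSERT INTO detalle_pedido_venta VALUES ('1', ''), ('2', '')");

// Constructed input: a serial number that happens to contain an apostrophe.
$sprod = "AS-7'B";
$NIdV  = "1";

// Concatenated form: the apostrophe closes the string literal early, so the
// rest of the value is parsed as SQL and the statement is rejected.
function updateConcatenated(PDO $db, string $sprod, string $NIdV): string
{
    $sql = "UPDATE detalle_pedido_venta SET DPV_Serie = '$sprod' "
         . "WHERE DPV_Detalle_Pedido_Venta = '$NIdV'";
    try {
        $db->exec($sql);
        return "ok";
    } catch (PDOException $e) {
        return "rejected: " . $e->getMessage();
    }
}

// Prepared form: the SQL text is fixed and the values travel separately,
// supplied in the same order as the placeholders.
function updatePrepared(PDO $db, string $sprod, string $NIdV): int
{
    $stmt = $db->prepare("UPDATE detalle_pedido_venta SET DPV_Serie = ? "
                       . "WHERE DPV_Detalle_Pedido_Venta = ?");
    $stmt->execute([$sprod, $NIdV]);
    return $stmt->rowCount();   // rows changed by the UPDATE
}

echo updateConcatenated($db, $sprod, $NIdV), PHP_EOL;
echo "rows updated: ", updatePrepared($db, $sprod, $NIdV), PHP_EOL;

// Read the row back: the prepared statement stored the value unchanged.
$check = $db->prepare("SELECT DPV_Serie FROM detalle_pedido_venta "
                    . "WHERE DPV_Detalle_Pedido_Venta = ?");
$check->execute([$NIdV]);
echo "stored: ", $check->fetchColumn(), PHP_EOL;
```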