diskover-community

CVEs (3)

CVE	Vendor / Product	Sev	Risk	CVSS	Published	Description
CVE-2026-38934	VadlaReddySai Diskoverdata Cve Writeups	Hig	0.57	8.8	Apr 27, 2026	Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php
CVE-2026-38936	VadlaReddySai Diskoverdata Cve Writeups	Med	0.40	6.1	Apr 27, 2026	A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter
CVE-2026-38935	VadlaReddySai Diskoverdata Cve Writeups	Med	0.40	6.1	Apr 27, 2026	A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/view.php via the doctype parameter

CVE-2026-38934HigApr 27, 2026
VadlaReddySai
Diskoverdata Cve Writeups
risk 0.57cvss 8.8epss 0.00
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php
CVE-2026-38936MedApr 27, 2026
VadlaReddySai
Diskoverdata Cve Writeups
risk 0.40cvss 6.1epss 0.00
A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter
CVE-2026-38935MedApr 27, 2026
VadlaReddySai
Diskoverdata Cve Writeups
risk 0.40cvss 6.1epss 0.00
A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/view.php via the doctype parameter