VadlaReddySai

4 exploits Active since Apr 2026
CVE-2026-38934 NOMISEC HIGH SUSPICIOUS
diskoverdata diskover-community <=2.3.5 - CSRF
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php
CVSS 8.8
CVE-2026-38934 WRITEUP HIGH WRITEUP
diskoverdata diskover-community <=2.3.5 - CSRF
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php
CVSS 8.8
CVE-2026-38935 WRITEUP MEDIUM WRITEUP
diskover-community <= 2.3.5 - Reflected Cross-Site Scripting via Doctype Parameter
A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/view.php via the doctype parameter
CVSS 6.1
CVE-2026-38936 WRITEUP MEDIUM WRITEUP
diskover-community <= 2.3.5 - Reflected Cross-Site Scripting via namecontains Parameter
A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter
CVSS 6.1