VadlaReddySai - Security Researcher - Exploit Intelligence Platform

CVE-2026-38934 NOMISEC HIGH SUSPICIOUS

diskoverdata diskover-community <=2.3.5 - CSRF

Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php

CVSS 8.8

View Code

CVE-2026-38934 WRITEUP HIGH WRITEUP

diskoverdata diskover-community <=2.3.5 - CSRF

Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php

CVSS 8.8

View Code

CVE-2026-38935 WRITEUP MEDIUM WRITEUP

diskover-community <=2.3.5 - XSS

A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/view.php via the doctype parameter

CVSS 6.1

View Code

CVE-2026-38936 WRITEUP MEDIUM WRITEUP

diskover-community <=2.3.5 - XSS

A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter

CVSS 6.1

View Code