27 matches found
CVE-2026-38936
A reflected cross-site scripting XSS vulnerability exists in diskover-community = 2.3.5 in public/selectindices.php via the namecontains parameter...
CVE-2026-38935
A reflected cross-site scripting XSS vulnerability exists in diskover-community = 2.3.5 in public/view.php via the doctype parameter...
CVE-2026-38934
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settingsprocess.php...
CVE-2026-38934
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settingsprocess.php...
CVE-2026-38936
A reflected cross-site scripting XSS vulnerability exists in diskover-community = 2.3.5 in public/selectindices.php via the namecontains parameter...
CVE-2026-38935
A reflected cross-site scripting XSS vulnerability exists in diskover-community = 2.3.5 in public/view.php via the doctype parameter...
Diskover Community Edition 跨站脚本漏洞
Diskover Community Edition is an open-source file manager developed by Diskover Data. Versions of Diskover Community Edition 2.3.5 and earlier had a cross-site scripting vulnerability, which stemmed from the doctype parameter in the public/view.php file, allowing for reflective cross-site scripti...
Diskover Community Edition 跨站脚本漏洞
Diskover Community Edition is an open-source file manager developed by Diskover Data. Versions of Diskover Community Edition 2.3.5 and earlier had a cross-site scripting vulnerability, which stemmed from the use of the nameContains parameter in the public/selectindices.php file, leading to...
CVE-2026-38935
A reflected cross-site scripting XSS vulnerability exists in diskover-community = 2.3.5 in public/view.php via the doctype parameter...
CVE-2026-38934
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settingsprocess.php...
CVE-2026-38935
A reflected cross-site scripting XSS vulnerability exists in diskover-community = 2.3.5 in public/view.php via the doctype parameter...
Diskover Community Edition 跨站请求伪造漏洞
Diskover Community Edition is an open-source file manager developed by Diskover Data. Versions of Diskover Community Edition 2.3.5 and earlier contained a cross-site request forgeing vulnerability. This vulnerability arises from cross-site request forgery attacks, allowing remote attackers to...
CVE-2026-38936
A reflected cross-site scripting XSS vulnerability exists in diskover-community = 2.3.5 in public/selectindices.php via the namecontains parameter...
CVE-2026-38936
A reflected cross-site scripting XSS vulnerability exists in diskover-community = 2.3.5 in public/selectindices.php via the namecontains parameter...
CVE-2026-38934
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settingsprocess.php...
CVE-2026-38935
A reflected cross-site scripting XSS vulnerability exists in diskover-community = 2.3.5 in public/view.php via the doctype parameter...
PT-2026-35457
A reflected cross-site scripting XSS vulnerability exists in diskover-community = 2.3.5 in public/view.php via the doctype parameter...
PT-2026-35456
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings process.php...
CVE-2026-38934
CVE-2026-38934 affects diskoverdata diskover-community v2.3.5 and earlier. The issue is a Cross-Site Request Forgery vulnerability in public/settings_process.php that permits a remote attacker to escalate privileges and access sensitive information. The CVE details provide a high-severity impact ...
CVE-2026-38936
A reflected cross-site scripting XSS vulnerability exists in diskover-community = 2.3.5 in public/selectindices.php via the namecontains parameter...