Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
domainmod domainmod vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2020-20988
A cross site scripting (XSS) vulnerability in the /domains/cost-by-owner.php component of Domainmod 4.13 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the "or Expiring Between" parameter.
Domainmod Domainmod 4.13.0
4.3
CVSSv2
CVE-2020-20989
A cross-site request forgery (CSRF) in /admin/maintenance/ of Domainmod 4.13 allows malicious users to arbitrarily delete logs.
Domainmod Domainmod 4.13.0
3.5
CVSSv2
CVE-2020-20990
A cross site scripting (XSS) vulnerability in the /segments/edit.php component of Domainmod 4.13 allows malicious users to execute arbitrary web scripts or HTML via the Segment Name parameter.
Domainmod Domainmod 4.13.0
7.5
CVSSv2
CVE-2020-35358
DomainMOD domainmod-v4.15.0 is affected by an insufficient session expiration vulnerability. On changing a password, both sessions using the changed password and old sessions in any other browser or device do not expire and remain active. Such flaws frequently give attackers unau...
Domainmod Domainmod 4.15.0
5
CVSSv2
CVE-2019-9080
DomainMOD prior to 4.14.0 uses MD5 without a salt for password storage.
Domainmod Domainmod
7.5
CVSSv2
CVE-2020-12735
reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover.
Domainmod Domainmod 4.13.0
4.3
CVSSv2
CVE-2019-15811
In DomainMOD up to and including 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS.
Domainmod Domainmod
1 EDB exploit
6.8
CVSSv2
CVE-2019-1010094
domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: There is a CSRF vulnerability that can change admin password. The component is: http://127.0.0.1/settings/password/ http://127.0.0.1/admin/users/add.php http://127.0.0.1/admin/users/edit.php?uid=2...
Domainmod Domainmod 4.10.0
6.8
CVSSv2
CVE-2019-1010095
DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: There is a CSRF vulnerability that can add the administrator account. The component is: admin/users/add.php. The attack vector is: After the administrator logged in, open the html page.
Domainmod Domainmod 4.10.0
6.8
CVSSv2
CVE-2019-1010096
DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: There is a CSRF vulnerability that can change the read-only user to admin. The component is: admin/users/edit.php?uid=2. The attack vector is: After the administrator logged in, open the html page...
Domainmod Domainmod 4.10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »