Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
domainmod vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2018-11558
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_first_name parameter.
Domainmod Domainmod 4.10.0
9.8
CVSSv3
CVE-2020-12735
reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover.
Domainmod Domainmod 4.13.0
6.1
CVSSv3
CVE-2018-11404
DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter.
Domainmod Domainmod 4.09.03
1 EDB exploit
8.8
CVSSv3
CVE-2019-1010094
domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: There is a CSRF vulnerability that can change admin password. The component is: http://127.0.0.1/settings/password/ http://127.0.0.1/admin/users/add.php http://127.0.0.1/admin/users/edit.php?uid=2...
Domainmod Domainmod 4.10.0
8.8
CVSSv3
CVE-2019-1010096
DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: There is a CSRF vulnerability that can change the read-only user to admin. The component is: admin/users/edit.php?uid=2. The attack vector is: After the administrator logged in, open the html page...
Domainmod Domainmod 4.10.0
4.3
CVSSv3
CVE-2020-20989
A cross-site request forgery (CSRF) in /admin/maintenance/ of Domainmod 4.13 allows malicious users to arbitrarily delete logs.
Domainmod Domainmod 4.13.0
9.8
CVSSv3
CVE-2020-35358
DomainMOD domainmod-v4.15.0 is affected by an insufficient session expiration vulnerability. On changing a password, both sessions using the changed password and old sessions in any other browser or device do not expire and remain active. Such flaws frequently give attackers unau...
Domainmod Domainmod 4.15.0
5.4
CVSSv3
CVE-2018-11559
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_last_name parameter.
Domainmod Domainmod 4.10.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3