Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
domainmod vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-19752
DomainMOD up to and including 4.11.01 has XSS via the assets/add/registrar.php notes field for the Registrar.
Domainmod Domainmod
4.3
CVSSv2
CVE-2018-19136
DomainMOD up to and including 4.11.01 has XSS via the assets/edit/registrar-account.php raid parameter.
Domainmod Domainmod
1 EDB exploit
4.3
CVSSv2
CVE-2018-19137
DomainMOD up to and including 4.11.01 has XSS via the assets/edit/ip-address.php ipid parameter.
Domainmod Domainmod
3.5
CVSSv2
CVE-2018-20010
DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field.
Domainmod Domainmod
1 EDB exploit
3.5
CVSSv2
CVE-2018-20011
DomainMOD 4.11.01 has XSS via the assets/add/category.php Category Name or Stakeholder field.
Domainmod Domainmod
1 EDB exploit
3.5
CVSSv2
CVE-2018-19915
DomainMOD up to and including 4.11.01 has XSS via the assets/edit/host.php Web Host Name or Web Host URL field.
Domainmod Domainmod
1 EDB exploit
7.5
CVSSv2
CVE-2020-12735
reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover.
Domainmod Domainmod 4.13.0
7.5
CVSSv2
CVE-2020-35358
DomainMOD domainmod-v4.15.0 is affected by an insufficient session expiration vulnerability. On changing a password, both sessions using the changed password and old sessions in any other browser or device do not expire and remain active. Such flaws frequently give attackers unau...
Domainmod Domainmod 4.15.0
3.5
CVSSv2
CVE-2020-20988
A cross site scripting (XSS) vulnerability in the /domains/cost-by-owner.php component of Domainmod 4.13 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the "or Expiring Between" parameter.
Domainmod Domainmod 4.13.0
4.3
CVSSv2
CVE-2020-20989
A cross-site request forgery (CSRF) in /admin/maintenance/ of Domainmod 4.13 allows malicious users to arbitrarily delete logs.
Domainmod Domainmod 4.13.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27975
CVE-2024-2961
CVE-2024-20380
XML injection
HTML injection
CVE-2024-29204
CVE-2023-51795
memory leak
CVE-2024-3470
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »