Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
domainmod vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2018-19915
DomainMOD up to and including 4.11.01 has XSS via the assets/edit/host.php Web Host Name or Web Host URL field.
Domainmod Domainmod
1 EDB exploit
4.8
CVSSv3
CVE-2018-1000856
DomainMOD version 4.09.03 and above. Also verified in the latest version 4.11.01 contains a Cross Site Scripting (XSS) vulnerability in Segment Name field in the segments page that can result in Arbitrary script can be executed on all users browsers who visit the affected page. T...
Domainmod Domainmod
5.4
CVSSv3
CVE-2018-19750
DomainMOD up to and including 4.11.01 has XSS via the admin/domain-fields/ notes field in an Add Custom Field action for Custom Domain Fields.
Domainmod Domainmod
4.8
CVSSv3
CVE-2018-19752
DomainMOD up to and including 4.11.01 has XSS via the assets/add/registrar.php notes field for the Registrar.
Domainmod Domainmod
4.8
CVSSv3
CVE-2018-19892
DomainMOD up to and including 4.11.01 has XSS via the admin/dw/add-server.php DisplayName, HostName, or UserName field.
Domainmod Domainmod
6.1
CVSSv3
CVE-2019-15811
In DomainMOD up to and including 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS.
Domainmod Domainmod
1 EDB exploit
5.4
CVSSv3
CVE-2018-11558
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_first_name parameter.
Domainmod Domainmod 4.10.0
5.4
CVSSv3
CVE-2018-11559
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_last_name parameter.
Domainmod Domainmod 4.10.0
9.8
CVSSv3
CVE-2020-35358
DomainMOD domainmod-v4.15.0 is affected by an insufficient session expiration vulnerability. On changing a password, both sessions using the changed password and old sessions in any other browser or device do not expire and remain active. Such flaws frequently give attackers unau...
Domainmod Domainmod 4.15.0
5.4
CVSSv3
CVE-2020-20988
A cross site scripting (XSS) vulnerability in the /domains/cost-by-owner.php component of Domainmod 4.13 allows malicious users to execute arbitrary web scripts or HTML via a crafted payload in the "or Expiring Between" parameter.
Domainmod Domainmod 4.13.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-26925
CVE-2023-41826
LFI
CVE-2022-22364
CVE-2024-2887
command injection
remote code execution
CVE-2024-34446
CVE-2022-48699
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »