ReportizFlow
Filtered by vendor Domainmod
Subscriptions
Total
31 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19749 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMOD through 4.11.01 has XSS via the assets/add/account-owner.php Owner name field. | ||||
| CVE-2018-19137 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMOD through 4.11.01 has XSS via the assets/edit/ip-address.php ipid parameter. | ||||
| CVE-2018-19136 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMOD through 4.11.01 has XSS via the assets/edit/registrar-account.php raid parameter. | ||||
| CVE-2018-11559 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_last_name parameter. | ||||
| CVE-2018-11558 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_first_name parameter. | ||||
| CVE-2018-11404 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter. | ||||
| CVE-2018-11403 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid parameter. | ||||
| CVE-2018-1000856 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMOD version 4.09.03 and above. Also verified in the latest version 4.11.01 contains a Cross Site Scripting (XSS) vulnerability in Segment Name field in the segments page that can result in Arbitrary script can be executed on all users browsers who visit the affected page. This attack appear to be exploitable via Victim must visit the vulnerable page. This vulnerability appears to have been fixed in No fix yet. | ||||
| CVE-2024-48624 | 1 Domainmod | 1 Domainmod | 2024-10-16 | 5.3 Medium |
| In segments\edit.php of DomainMOD below v4.12.0, the segid parameter in the GET request can be exploited to cause a reflected Cross Site Scripting (XSS) vulnerability. | ||||
| CVE-2024-48622 | 1 Domainmod | 1 Domainmod | 2024-10-16 | 6.6 Medium |
| A cross-site scripting (XSS) issue in DomainMOD below v4.12.0 allows remote attackers to inject JavaScript code via admin/domain-fields/edit.php and the cdfid parameter. | ||||
| CVE-2024-48623 | 1 Domainmod | 1 Domainmod | 2024-10-16 | 5.3 Medium |
| In queue\index.php of DomainMOD below v4.12.0, the list_id and domain_id parameters in the GET request can be exploited to cause a reflected Cross Site Scripting (XSS). | ||||