Filtered by vendor Domainmod
Subscribe
Total
28 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-19749 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
DomainMOD through 4.11.01 has XSS via the assets/add/account-owner.php Owner name field. | |||||
CVE-2018-19137 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
DomainMOD through 4.11.01 has XSS via the assets/edit/ip-address.php ipid parameter. | |||||
CVE-2018-19136 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
DomainMOD through 4.11.01 has XSS via the assets/edit/registrar-account.php raid parameter. | |||||
CVE-2018-11559 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_last_name parameter. | |||||
CVE-2018-11558 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_first_name parameter. | |||||
CVE-2018-11404 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter. | |||||
CVE-2018-11403 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid parameter. | |||||
CVE-2018-1000856 | 1 Domainmod | 1 Domainmod | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
DomainMOD version 4.09.03 and above. Also verified in the latest version 4.11.01 contains a Cross Site Scripting (XSS) vulnerability in Segment Name field in the segments page that can result in Arbitrary script can be executed on all users browsers who visit the affected page. This attack appear to be exploitable via Victim must visit the vulnerable page. This vulnerability appears to have been fixed in No fix yet. |