Vulnerabilities > Domainmod
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-20 | CVE-2019-9080 | USE of A Broken OR Risky Cryptographic Algorithm vulnerability in Domainmod DomainMOD before 4.14.0 uses MD5 without a salt for password storage. | 5.0 |
| 2020-05-08 | CVE-2020-12735 | Insufficient Entropy vulnerability in Domainmod 4.13.0 reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover. | 7.5 |
| 2019-08-29 | CVE-2019-15811 | Cross-Site Scripting vulnerability in Domainmod In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS. | 4.3 |
| 2019-07-18 | CVE-2019-1010096 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.10.0 DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). | 6.8 |
| 2019-07-18 | CVE-2019-1010095 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.10.0 DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). | 6.8 |
| 2019-07-18 | CVE-2019-1010094 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.10.0 domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). | 6.8 |
| 2018-12-20 | CVE-2018-1000856 | Cross-Site Scripting vulnerability in Domainmod DomainMOD version 4.09.03 and above. | 3.5 |
| 2018-12-10 | CVE-2018-20011 | Cross-Site Scripting vulnerability in Domainmod DomainMOD 4.11.01 has XSS via the assets/add/category.php Category Name or Stakeholder field. | 3.5 |
| 2018-12-10 | CVE-2018-20010 | Cross-Site Scripting vulnerability in Domainmod DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field. | 3.5 |
| 2018-12-10 | CVE-2018-20009 | Cross-Site Scripting vulnerability in Domainmod DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field. | 3.5 |