Vulnerabilities > Domainmod > Domainmod
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-12 | CVE-2020-20988 | Cross-site Scripting vulnerability in Domainmod 4.13.0 A cross site scripting (XSS) vulnerability in the /domains/cost-by-owner.php component of Domainmod 4.13 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the "or Expiring Between" parameter. | 3.5 |
| 2021-08-12 | CVE-2020-20989 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.13.0 A cross-site request forgery (CSRF) in /admin/maintenance/ of Domainmod 4.13 allows attackers to arbitrarily delete logs. | 4.3 |
| 2021-08-12 | CVE-2020-20990 | Cross-site Scripting vulnerability in Domainmod 4.13.0 A cross site scripting (XSS) vulnerability in the /segments/edit.php component of Domainmod 4.13 allows attackers to execute arbitrary web scripts or HTML via the Segment Name parameter. | 3.5 |
| 2021-03-15 | CVE-2020-35358 | Insufficient Session Expiration vulnerability in Domainmod 4.15.0 DomainMOD domainmod-v4.15.0 is affected by an insufficient session expiration vulnerability. | 7.5 |
| 2020-10-20 | CVE-2019-9080 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Domainmod DomainMOD before 4.14.0 uses MD5 without a salt for password storage. | 5.0 |
| 2020-05-08 | CVE-2020-12735 | Insufficient Entropy vulnerability in Domainmod 4.13.0 reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover. | 7.5 |
| 2019-08-29 | CVE-2019-15811 | Cross-site Scripting vulnerability in Domainmod In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS. | 6.1 |
| 2019-07-18 | CVE-2019-1010096 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.10.0 DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). | 6.8 |
| 2019-07-18 | CVE-2019-1010095 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.10.0 DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). | 6.8 |
| 2019-07-18 | CVE-2019-1010094 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.10.0 domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). | 6.8 |