Vulnerabilities > Domainmod > Domainmod > 0.33.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-20 | CVE-2019-9080 | Use of Password Hash With Insufficient Computational Effort vulnerability in Domainmod DomainMOD before 4.14.0 uses MD5 without a salt for password storage. | 7.5 |
| 2019-08-29 | CVE-2019-15811 | Cross-site Scripting vulnerability in Domainmod In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS. | 6.1 |
| 2018-12-06 | CVE-2018-19892 | Cross-site Scripting vulnerability in Domainmod DomainMOD through 4.11.01 has XSS via the admin/dw/add-server.php DisplayName, HostName, or UserName field. | 4.8 |
| 2018-11-29 | CVE-2018-19750 | Cross-site Scripting vulnerability in Domainmod DomainMOD through 4.11.01 has XSS via the admin/domain-fields/ notes field in an Add Custom Field action for Custom Domain Fields. | 5.4 |
| 2018-11-09 | CVE-2018-19137 | Cross-site Scripting vulnerability in Domainmod DomainMOD through 4.11.01 has XSS via the assets/edit/ip-address.php ipid parameter. | 6.1 |
| 2018-11-09 | CVE-2018-19136 | Cross-site Scripting vulnerability in Domainmod DomainMOD through 4.11.01 has XSS via the assets/edit/registrar-account.php raid parameter. | 6.1 |