Vulnerabilities > Domainmod > Domainmod > 4.10.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-20 | CVE-2019-9080 | Use of Password Hash With Insufficient Computational Effort vulnerability in Domainmod DomainMOD before 4.14.0 uses MD5 without a salt for password storage. | 7.5 |
| 2019-08-29 | CVE-2019-15811 | Cross-site Scripting vulnerability in Domainmod In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS. | 6.1 |
| 2019-07-18 | CVE-2019-1010096 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.10.0 DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). | 8.8 |
| 2019-07-18 | CVE-2019-1010095 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.10.0 DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). | 8.8 |
| 2019-07-18 | CVE-2019-1010094 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.10.0 domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). | 8.8 |
| 2018-12-20 | CVE-2018-1000856 | Cross-site Scripting vulnerability in Domainmod DomainMOD version 4.09.03 and above. | 4.8 |
| 2018-12-10 | CVE-2018-20011 | Cross-site Scripting vulnerability in Domainmod DomainMOD 4.11.01 has XSS via the assets/add/category.php Category Name or Stakeholder field. | 4.8 |
| 2018-12-10 | CVE-2018-20010 | Cross-site Scripting vulnerability in Domainmod DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field. | 4.8 |
| 2018-12-10 | CVE-2018-20009 | Cross-site Scripting vulnerability in Domainmod DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field. | 4.8 |
| 2018-12-06 | CVE-2018-19915 | Cross-site Scripting vulnerability in Domainmod DomainMOD through 4.11.01 has XSS via the assets/edit/host.php Web Host Name or Web Host URL field. | 4.8 |