Vulnerabilities > Domainmod > Domainmod > 4.11.01

DATE CVE VULNERABILITY TITLE RISK
2020-10-20 CVE-2019-9080 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Domainmod
DomainMOD before 4.14.0 uses MD5 without a salt for password storage.
network
low complexity
domainmod CWE-327
5.0
2019-08-29 CVE-2019-15811 Cross-site Scripting vulnerability in Domainmod
In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS.
network
low complexity
domainmod CWE-79
6.1
2018-12-20 CVE-2018-1000856 Cross-site Scripting vulnerability in Domainmod
DomainMOD version 4.09.03 and above.
network
domainmod CWE-79
3.5
2018-12-10 CVE-2018-20011 Cross-site Scripting vulnerability in Domainmod
DomainMOD 4.11.01 has XSS via the assets/add/category.php Category Name or Stakeholder field.
network
domainmod CWE-79
3.5
2018-12-10 CVE-2018-20010 Cross-site Scripting vulnerability in Domainmod
DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field.
network
domainmod CWE-79
3.5
2018-12-10 CVE-2018-20009 Cross-site Scripting vulnerability in Domainmod
DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field.
network
domainmod CWE-79
3.5
2018-12-06 CVE-2018-19915 Cross-site Scripting vulnerability in Domainmod
DomainMOD through 4.11.01 has XSS via the assets/edit/host.php Web Host Name or Web Host URL field.
network
domainmod CWE-79
3.5
2018-12-06 CVE-2018-19914 Cross-site Scripting vulnerability in Domainmod
DomainMOD through 4.11.01 has XSS via the assets/add/dns.php Profile Name or notes field.
network
domainmod CWE-79
3.5
2018-12-06 CVE-2018-19913 Cross-site Scripting vulnerability in Domainmod
DomainMOD through 4.11.01 has XSS via the assets/add/registrar-accounts.php UserName, Reseller ID, or notes field.
network
domainmod CWE-79
3.5
2018-12-06 CVE-2018-19892 Cross-site Scripting vulnerability in Domainmod
DomainMOD through 4.11.01 has XSS via the admin/dw/add-server.php DisplayName, HostName, or UserName field.
network
domainmod CWE-79
3.5