Vulnerabilities > Domainmod > Domainmod > 4.12.0

DATE CVE VULNERABILITY TITLE RISK
2020-10-20 CVE-2019-9080 Use of a Broken or Risky Cryptographic Algorithm vulnerability in Domainmod
DomainMOD before 4.14.0 uses MD5 without a salt for password storage.
network
low complexity
domainmod CWE-327
5.0
2019-08-29 CVE-2019-15811 Cross-site Scripting vulnerability in Domainmod
In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS.
network
low complexity
domainmod CWE-79
6.1