Vulnerabilities > Domainmod > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-12 | CVE-2020-20989 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.13.0 A cross-site request forgery (CSRF) in /admin/maintenance/ of Domainmod 4.13 allows attackers to arbitrarily delete logs. | 4.3 |
| 2020-10-20 | CVE-2019-9080 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Domainmod DomainMOD before 4.14.0 uses MD5 without a salt for password storage. | 5.0 |
| 2019-08-29 | CVE-2019-15811 | Cross-site Scripting vulnerability in Domainmod In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS. | 6.1 |
| 2019-07-18 | CVE-2019-1010096 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.10.0 DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). | 6.8 |
| 2019-07-18 | CVE-2019-1010095 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.10.0 DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). | 6.8 |
| 2019-07-18 | CVE-2019-1010094 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.10.0 domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). | 6.8 |
| 2018-11-09 | CVE-2018-19137 | Cross-site Scripting vulnerability in Domainmod DomainMOD through 4.11.01 has XSS via the assets/edit/ip-address.php ipid parameter. | 4.3 |
| 2018-11-09 | CVE-2018-19136 | Cross-site Scripting vulnerability in Domainmod DomainMOD through 4.11.01 has XSS via the assets/edit/registrar-account.php raid parameter. | 4.3 |
| 2018-05-24 | CVE-2018-11404 | Cross-site Scripting vulnerability in Domainmod 4.09.03 DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter. | 4.3 |