Vulnerabilities > Domainmod > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-12 | CVE-2020-20988 | Cross-site Scripting vulnerability in Domainmod 4.13.0 A cross site scripting (XSS) vulnerability in the /domains/cost-by-owner.php component of Domainmod 4.13 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the "or Expiring Between" parameter. | 5.4 |
| 2021-08-12 | CVE-2020-20989 | Cross-Site Request Forgery (CSRF) vulnerability in Domainmod 4.13.0 A cross-site request forgery (CSRF) in /admin/maintenance/ of Domainmod 4.13 allows attackers to arbitrarily delete logs. | 4.3 |
| 2021-08-12 | CVE-2020-20990 | Cross-site Scripting vulnerability in Domainmod 4.13.0 A cross site scripting (XSS) vulnerability in the /segments/edit.php component of Domainmod 4.13 allows attackers to execute arbitrary web scripts or HTML via the Segment Name parameter. | 5.4 |
| 2019-08-29 | CVE-2019-15811 | Cross-site Scripting vulnerability in Domainmod In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS. | 6.1 |
| 2018-12-20 | CVE-2018-1000856 | Cross-site Scripting vulnerability in Domainmod DomainMOD version 4.09.03 and above. | 4.8 |
| 2018-12-10 | CVE-2018-20011 | Cross-site Scripting vulnerability in Domainmod DomainMOD 4.11.01 has XSS via the assets/add/category.php Category Name or Stakeholder field. | 4.8 |
| 2018-12-10 | CVE-2018-20010 | Cross-site Scripting vulnerability in Domainmod DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field. | 4.8 |
| 2018-12-10 | CVE-2018-20009 | Cross-site Scripting vulnerability in Domainmod DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field. | 4.8 |
| 2018-12-06 | CVE-2018-19915 | Cross-site Scripting vulnerability in Domainmod DomainMOD through 4.11.01 has XSS via the assets/edit/host.php Web Host Name or Web Host URL field. | 4.8 |
| 2018-12-06 | CVE-2018-19914 | Cross-site Scripting vulnerability in Domainmod DomainMOD through 4.11.01 has XSS via the assets/add/dns.php Profile Name or notes field. | 4.8 |