EUVD-2018-11586

Malware in sbrugna...

EUVD-2018-2041

Malware in sbrugna...

DomainMOD 4.11.01 - 'assets/add/dns.php' Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Kareem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19914 A Stored Cross-site...

DomainMOD 4.11.01 - 'ssl-provider-name' Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-20009 A Stored Cross-site...

DomainMOD 4.11.01 - 'assets/edit/host.php?whid=5' Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Kareem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19915 A Stored Cross-site...

DomainMOD cross-site scripting vulnerability (CNVD-2019-07965)

DomainMOD is an open source application for managing your domain names and other Internet assets in a central location. DomainMOD 4.11.01 suffers from a cross-site scripting vulnerability that can be exploited by an attacker via the assets/add/category.php Category Name or Stakeholder fields...

Default credentials

DomainMOD 4.11.01 has XSS via the assets/add/category.php Category Name or Stakeholder field...

CVE-2018-20009

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field...

CVE-2018-20011

DomainMOD 4.11.01 has XSS via the assets/add/category.php Category Name or Stakeholder field...

CVE-2018-20010

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field...

Default credentials

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field...

CVE-2018-20011

DomainMOD 4.11.01 has XSS via the assets/add/category.php Category Name or Stakeholder field...

CVE-2018-20009

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field...

CVE-2018-20010

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field...

DomainMOD cross-site scripting vulnerability (CNVD-2019-07966)

DomainMOD is an open source application for managing your domain names and other Internet assets in a central location. A cross-site scripting vulnerability exists in DomainMOD versions 4.11.01 and earlier, which can be exploited by an attacker via the assets/add/registrar-accounts.php UserName,...

CVE-2018-19913

DomainMOD through 4.11.01 has XSS via the assets/add/registrar-accounts.php UserName, Reseller ID, or notes field...

CVE-2018-19915

DomainMOD through 4.11.01 has XSS via the assets/edit/host.php Web Host Name or Web Host URL field...

CVE-2018-19914

DomainMOD through 4.11.01 has XSS via the assets/add/dns.php Profile Name or notes field...

Default credentials

DomainMOD through 4.11.01 has XSS via the assets/add/dns.php Profile Name or notes field...

CVE-2018-19914

DomainMOD through 4.11.01 has XSS via the assets/add/dns.php Profile Name or notes field...