304 matches found
EUVD-2018-12587
Malware in sbrugna...
EUVD-2019-1841
Malware in sbrugna...
EUVD-2019-18466
Malware in sbrugna...
CVE-2024-48624
In segments\edit.php of DomainMOD below v4.12.0, the segid parameter in the GET request can be exploited to cause a reflected Cross Site Scripting XSS vulnerability...
CVE-2024-48623
In queue\index.php of DomainMOD below v4.12.0, the listid and domainid parameters in the GET request can be exploited to cause a reflected Cross Site Scripting XSS...
CVE-2024-48622
A cross-site scripting XSS issue in DomainMOD below v4.12.0 allows remote attackers to inject JavaScript code via admin/domain-fields/edit.php and the cdfid parameter...
CVE-2020-20989
A cross-site request forgery CSRF in /admin/maintenance/ of Domainmod 4.13 allows attackers to arbitrarily delete logs...
CVE-2020-35358
DomainMOD domainmod-v4.15.0 is affected by an insufficient session expiration vulnerability. On changing a password, both sessions using the changed password and old sessions in any other browser or device do not expire and remain active. Such flaws frequently give attackers unauthorized access t...
CVE-2020-20990
A cross site scripting XSS vulnerability in the /segments/edit.php component of Domainmod 4.13 allows attackers to execute arbitrary web scripts or HTML via the Segment Name parameter...
CVE-2020-20988
A cross site scripting XSS vulnerability in the /domains/cost-by-owner.php component of Domainmod 4.13 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the "or Expiring Between" parameter...
CVE-2019-15811
In DomainMOD through 4.13, the parameter daterange in the file reporting/domains/cost-by-month.php has XSS...
CVE-2019-1010095
DomainMOD v4.10.0 is affected by: Cross Site Request Forgery CSRF. The impact is: There is a CSRF vulnerability that can add the administrator account. The component is: admin/users/add.php. The attack vector is: After the administrator logged in, open the html page...
CVE-2019-1010096
DomainMOD v4.10.0 is affected by: Cross Site Request Forgery CSRF. The impact is: There is a CSRF vulnerability that can change the read-only user to admin. The component is: admin/users/edit.php?uid=2. The attack vector is: After the administrator logged in, open the html page...
CVE-2018-11558
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" newfirstname parameter...
CVE-2018-19137
DomainMOD through 4.11.01 has XSS via the assets/edit/ip-address.php ipid parameter...
CVE-2018-11559
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" newlastname parameter...
CVE-2018-1000856
DomainMOD version 4.09.03 and above. Also verified in the latest version 4.11.01 contains a Cross Site Scripting XSS vulnerability in Segment Name field in the segments page that can result in Arbitrary script can be executed on all users browsers who visit the affected page. This attack appear t...
CVE-2019-1010094
domainmod v4.10.0 is affected by: Cross Site Request Forgery CSRF. The impact is: There is a CSRF vulnerability that can change admin password. The component is: http://127.0.0.1/settings/password/ http://127.0.0.1/admin/users/add.php http://127.0.0.1/admin/users/edit.php?uid=2. The attack vector...
CVE-2024-48622
A cross-site scripting XSS issue in DomainMOD below v4.12.0 allows remote attackers to inject JavaScript code via admin/domain-fields/edit.php and the cdfid parameter...
CVE-2024-48622
A cross-site scripting XSS issue in DomainMOD below v4.12.0 allows remote attackers to inject JavaScript code via admin/domain-fields/edit.php and the cdfid parameter...