Lucene search
K

5 matches found

Nuclei
Nuclei
added 8 hours ago38 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD 4.11.01 is vulnerable to reflected cross-site scripting via assets/edit/registrar-account.php. id: CVE-2018-19136 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.11.01 is vulnerable to reflected cross-site scripting v...

6.1CVSS6.6AI score0.06653EPSS
Exploits5References5
Packet Storm
Packet Storm
added 2018/11/16 12:0 a.m.310 views

DomainMOD 4.11.01 Cross Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-09 Exploit Author: Dawood Ansar Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/domainmod/domainmod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19136 A Reflected Cross-site scripti...

6.6AI score0.06653EPSS
Exploits5
exploitpack
exploitpack
added 2018/11/16 12:0 a.m.19 views

DomainMOD 4.11.01 - raid Cross-Site Scripting

DomainMOD 4.11.01 - raid Cross-Site Scripting Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-09 Exploit Author: Dawood Ansar Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/domainmod/domainmod Version: v4.09.03 to v4.11.01 CVE :...

4.3CVSS6.4AI score0.06653EPSS
Exploits5
Exploit DB
Exploit DB
added 2018/11/16 12:0 a.m.35 views

DomainMOD 4.11.01 - 'raid' Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-09 Exploit Author: Dawood Ansar Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/domainmod/domainmod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19136 A Reflected Cross-site scripti...

6.1CVSS6.8AI score0.06653EPSS
Exploits5
CVE
CVE
added 2018/11/09 7:0 p.m.92 views

CVE-2018-19136

DomainMOD 4.11.01 is vulnerable to reflected cross-site scripting through assets/edit/registrar-account.php?raid=… due to insufficient input sanitization of the raid parameter. This can allow an attacker to execute arbitrary JavaScript in a victim’s browser, potentially enabling session hijacking...

6.1CVSS6.1AI score0.06653EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder