7 matches found
DomainMOD 4.11.01 - Cross-Site Scripting
DomainMOD through version 4.11.01 is vulnerable to cross-site scripting via the /assets/add/category.php CatagoryName and StakeHolder parameters. id: CVE-2018-20011 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD through version...
DomainMOD 4.11.01 Cross Site Scripting
Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-20009 A Stored Cross-site...
DomainMOD 4.11.01 - (category.php CatagoryName, StakeHolder) Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE :...
DomainMOD 4.11.01 - category.php CatagoryName_ StakeHolder Cross-Site Scripting
DomainMOD 4.11.01 - category.php CatagoryName StakeHolder Cross-Site Scripting Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod...
CVE-2018-20011
creationtimestamp| type| source ---|---|--- 2019-02-14 00:00:00+00:00| exploited| https://www.exploit-db.com/exploits/46374...
DomainMOD 4.11.01 - 'category.php CatagoryName, StakeHolder' Cross-Site Scripting
Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Raheem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-20011 A Stored Cross-site...
CVE-2018-20011
CVE-2018-20011 affects DomainMOD up to version 4.11.01. The vulnerability is a stored XSS via the assets/add/category.php page, specifically in the CatagoryName and StakeHolder fields. Evidence across sources (NVD entry, Nuclei template, Exploit-DB) confirms an XSS payload can be injected after l...