6 matches found
EUVD-2018-3438
Malware in sbrugna...
DomainMod 4.09.03 Cross Site Scripting
Exploit Title: DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid parameter Date: 2018-05-28 Exploit Author: longeri1/[email protected]/4 Vendor Homepage: domainmod https://github.com/domainmod/domainmod Software Link: domainmod https://github.com/domainmod/domainmod Version:...
CVE-2018-11404
DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter...
CVE-2018-11404
CVE-2018-11404 affects DomainMod on version 4.09.03. The vulnerability is an XSS in the assets/edit/ssl-provider-account.php page via the sslpaid parameter, enabling injection of arbitrary script after login. Root cause: unsanitized input on the sslpaid parameter leading to reflected/stored/scrip...
CVE-2018-11404
DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter...
DomainMod cross-site scripting vulnerability (CNVD-2018-10361)
DomainMod is a PHP and MySQL based open source application for managing centrally located domain names and other Internet assets. A cross-site scripting vulnerability exists in DomainMod version 4.09.03. A remote attacker can exploit this vulnerability by sending the 'sslpaid' parameter to the...