EUVD-2018-2041

Malware in sbrugna...

DomainMOD 4.11.01 - 'assets/add/dns.php' Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Kareem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19914 A Stored Cross-site...

Cross site scripting

DomainMOD version 4.09.03 and above. Also verified in the latest version 4.11.01 contains a Cross Site Scripting XSS vulnerability in Segment Name field in the segments page that can result in Arbitrary script can be executed on all users browsers who visit the affected page. This attack appear t...

Design/Logic Flaw

DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid parameter...

DomainMod cross-site scripting vulnerability (CNVD-2018-10361)

DomainMod is a PHP and MySQL based open source application for managing centrally located domain names and other Internet assets. A cross-site scripting vulnerability exists in DomainMod version 4.09.03. A remote attacker can exploit this vulnerability by sending the 'sslpaid' parameter to the...