DomainMOD 4.11.01 - 'assets/edit/host.php?whid=5' Cross-Site Scripting

Exploit Title: DomainMOD 4.11.01 - Cross-Site Scripting Date: 2018-11-22 Exploit Author: Mohammed Abdul Kareem Vendor Homepage: domainmod https://domainmod.org/ Software Link: domainmod https://github.com/DomainMod/DomainMod Version: v4.09.03 to v4.11.01 CVE : CVE-2018-19915 A Stored Cross-site...

DomainMOD cross-site scripting vulnerability (CNVD-2019-07968)

DomainMOD is an open source application for managing your domain names and other Internet assets in a central location. A cross-site scripting vulnerability exists in DomainMOD versions 4.11.01 and earlier, which can be exploited by an attacker via the assets/edit/host.php Web Host Name or Web Ho...

CVE-2018-19915

CVE-2018-19915 affects DomainMOD up to version 4.11.01. The vulnerability is a stored XSS via the assets/edit/host.php Web Host Name or Web Host URL fields, allowing execution of arbitrary JavaScript in an authenticated user context and potentially session-related impacts. The issue is documented...