Domainmod : Security Vulnerabilities, CVEs, (CSRF)

CVE-2020-20989

A cross-site request forgery (CSRF) in /admin/maintenance/ of Domainmod 4.13 allows attackers to arbitrarily delete logs.
Max CVSS
4.3
EPSS Score
0.06%
Published
2021-08-12
Updated
2021-08-18

CVE-2019-1010096

DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: There is a CSRF vulnerability that can change the read-only user to admin. The component is: admin/users/edit.php?uid=2. The attack vector is: After the administrator logged in, open the html page.
Max CVSS
8.8
EPSS Score
0.11%
Published
2019-07-18
Updated
2019-10-30

CVE-2019-1010095

DomainMOD v4.10.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: There is a CSRF vulnerability that can add the administrator account. The component is: admin/users/add.php. The attack vector is: After the administrator logged in, open the html page.
Max CVSS
8.8
EPSS Score
0.11%
Published
2019-07-18
Updated
2019-10-30

CVE-2019-1010094

domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: There is a CSRF vulnerability that can change admin password. The component is: http://127.0.0.1/settings/password/ http://127.0.0.1/admin/users/add.php http://127.0.0.1/admin/users/edit.php?uid=2. The attack vector is: After the administrator logged in, open the html page.
Max CVSS
8.8
EPSS Score
0.11%
Published
2019-07-18
Updated
2019-07-19
4 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close