CVE-2019-15811 Scanner
Detects 'Cross-Site Scripting (XSS)' vulnerability in DomainMOD affects v. through 4.13.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 sec
Scan only one
Domain, Ipv4
Toolbox
-
DomainMOD is a powerful, open-source domain name management system that provides users with an intuitive interface for managing their digital assets. This software application is designed for domain name registrars, web hosts, and individuals who manage a large number of domain names. Users can track and monitor domain name registrations, expirations, and transfers, and can also generate detailed reports on their domain name portfolio.
One of the vulnerabilities discovered in DomainMOD is CVE-2019-15811. This vulnerability is found in version 4.13 and earlier of DomainMOD and is related to the parameter daterange used in the file reporting/domains/cost-by-month.php. By exploiting this vulnerability, attackers can execute arbitrary JavaScript code through XSS (Cross-site scripting). This results in the attacker being able to steal cookies, session tokens, or other sensitive data and carry out phishing attacks without the user’s knowledge.
When this vulnerability is successfully exploited, it can lead to a major security breach in the affected domain names. An attacker can take control of an entire domain name portfolio and wreak havoc on every website hosted on those domains. They can also modify domain records, redirect traffic to fake websites, and even initiate DDoS attacks on the targeted domains. This can cause significant financial loss to domain owners and tarnish their online reputation.
In conclusion, the security of digital assets should be everyone’s top priority. With the pro features of the securityforeveryone.com platform, users can easily and quickly learn about vulnerabilities in their domain name portfolio. They can also receive alerts when new vulnerabilities are discovered, and get recommendations on how to mitigate them. By staying informed and taking appropriate precautions, domain owners can keep their digital assets safe from malicious attacks.
REFERENCES
control security posture