CVE-2018-19915 Scanner

DomainMOD is a web-based domain name management software that allows users to manage their domain portfolios, whois records, DNS records, and SSL certificates from a single centralized platform. It offers features such as domain name registration, bulk domain management, and automated domain expiry notifications.

However, the software has recently been found to have a security vulnerability- CVE-2018-19915. This vulnerability arises when attackers inject malicious code into the "Web Host Name" or "Web Host URL" fields in the "assets/edit/host.php" section.

When this vulnerability is exploited, it can lead to the injection of malicious code into a user's website, which can compromise the security of their entire domain name management system. This can result in the unauthorized access to sensitive data, website defacement, hijacking, and even complete system takeover.

Finally, readers of this article can benefit from the pro features of s4e.io, which offer quick and easy identification of security vulnerabilities in their digital assets. With this platform, users can detect vulnerabilities before they pose a threat and take proactive measures to protect their systems. s4e.io offers a complete vulnerability management solution, providing users with the peace of mind they need to focus on other aspects of managing their digital assets.

REFERENCES

• https://github.com/domainmod/domainmod/issues/87
• https://www.exploit-db.com/exploits/46376/