.. / CVE-2019-15811

Exploit for DomainMOD <=4.13.0 - Cross-Site Scripting (CVE-2019-15811)

Description:

DomainMOD through 4.13.0 contains a cross-site scripting vulnerability via /reporting/domains/cost-by-month.php in Daterange parameters.

Nuclei Template

View the template here CVE-2019-15811.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2019/CVE-2019-15811.yaml
Copy

References:

https://github.com/domainmod/domainmod/issues/108
https://nvd.nist.gov/vuln/detail/CVE-2019-15811
https://www.exploit-db.com/exploits/47325
https://github.com/ARPSyndicate/kenzer-templates
https://zerodays.lol/