# Exploit Title : DomainMOD 4.11.01 and before - 'category.php CatagoryName, StakeHolder' Cross-Site Scripting # Author [ Discovered By ] : Mohammed Abdul Raheem # Company Name : TrekShield IT Solutions # Date : 14-02-2019 # Vendor Homepage : https://domainmod.org/ # Software Information Link : https://github.com/DomainMod/DomainMod # Software Affected Versions : DomainMOD v4.09.03 to v4.11.01 # Tested On : Windows and Linux # Category : WebApps # Exploit Risk : Medium # Vulnerability Type : Cross Site Scripting - Stored Xss # CVE : CVE-2018-20011 # Exploit-db : https://www.exploit-db.com/?author=9783 #################################################################### # Description about Software : *************************** DomainMOD is an open source application used to manage domains and other internet assets in a central location #################################################################### # Impact : *********** * This attack vector can be used by an attacker to perform Account Hijacking Stealing Credentials Sensitive Data Exposure etc.. # Cross Site Scripting - Stored XSS Exploit : *********************************************After logging into the Domainmod application panel, browse to the /assets/add/category.php page and inject a javaScript XSS payload in CatagoryName, StakeHolder fields "> # More Information Can be find here : *************************************https://github.com/domainmod/domainmod/issues/88 ################################################################### # Discovered By Mohammed Abdul Raheem from TrekShield.com