CVE-2019-1010094

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2019-1010094

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-1010094.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-1010094

Published

2019-07-18T13:15:11.127Z

Modified

2026-03-14T09:31:34.663547Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

domainmod v4.10.0 is affected by: Cross Site Request Forgery (CSRF). The impact is: There is a CSRF vulnerability that can change admin password. The component is: http://127.0.0.1/settings/password/ http://127.0.0.1/admin/users/add.php http://127.0.0.1/admin/users/edit.php?uid=2. The attack vector is: After the administrator logged in, open the html page.

References

https://github.com/domainmod/domainmod/issues/65

Affected packages

Git / github.com/domainmod/domainmod

Affected ranges

Type

GIT

Repo

https://github.com/domainmod/domainmod

Events

Introduced

Last affected

e68e5165372ade1e3cfa6de4c870a18dcfe0b20d

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "4.10.0"
        }
    ]
}

Affected versions

v0.*

v0.1.0

v0.10.0

v0.11.0

v0.11.1

v0.11.2

v0.12.0

v0.13.0

v0.14.0

v0.14.1

v0.15.0

v0.15.1

v0.15.2

v0.16.0

v0.16.1

v0.17.0

v0.18.0

v0.18.1

v0.18.2

v0.18.3

v0.19.0

v0.19.1

v0.19.2

v0.19.3

v0.19.4

v0.2.0

v0.20.0

v0.20.1

v0.20.2

v0.21.0

v0.21.1

v0.21.2

v0.21.3

v0.21.4

v0.21.5

v0.21.6

v0.21.7

v0.21.8

v0.22.0

v0.22.1

v0.22.2

v0.22.3

v0.22.4

v0.22.5

v0.23.0

v0.24.0

v0.24.1

v0.24.2

v0.25.0

v0.25.1

v0.25.2

v0.26.0

v0.26.1

v0.26.2

v0.26.3

v0.26.4

v0.26.5

v0.26.6

v0.27.0

v0.27.1

v0.27.2

v0.27.3

v0.28.0

v0.29.0

v0.3.0

v0.3.1

v0.30.0

v0.30.1

v0.30.2

v0.31.0

v0.31.1

v0.31.2

v0.31.3

v0.31.4

v0.31.5

v0.32.0

v0.32.1

v0.33.0

v0.33.1

v0.33.2

v0.33.3

v0.33.4

v0.33.5

v0.33.6

v0.34.0

v0.34.1

v0.34.2

v0.35.0

v0.36.0

v0.36.1

v0.36.2

v0.36.3

v0.37.0

v0.37.1

v0.38.0

v0.39.0

v0.4.0

v0.4.1

v0.40.0

v0.40.1

v0.40.2

v0.41.0

v0.41.1

v0.41.2

v0.41.3

v0.42.0

v0.43.0

v0.44.0

v0.44.1

v0.44.2

v0.44.3

v0.44.4

v0.44.5

v0.44.6

v0.45.0

v0.45.1

v0.45.2

v0.46.0

v0.47.0

v0.48.0

v0.49.0

v0.5.0

v0.5.1

v0.5.2

v0.50.0

v0.51.0

v0.52.0

v0.53.0

v0.54.0

v0.55.0

v0.55.1

v0.55.2

v0.55.3

v0.56.0

v0.57.0

v0.57.1

v0.58.0

v0.58.1

v0.58.2

v0.59.0

v0.6.0

v0.6.1

v0.60.0

v0.60.1

v0.61.0

v0.61.1

v0.61.2

v0.62.0

v0.63.0

v0.64.0

v0.65.0

v0.66.0

v0.67.0

v0.67.1

v0.68.0

v0.69.0

v0.69.1

v0.7.0

v0.70.0

v0.70.1

v0.70.2

v0.71.0

v0.72.0

v0.73.0

v0.74.0

v0.75.0

v0.76.0

v0.77.0

v0.77.1

v0.78.0

v0.79.0

v0.8.0

v0.8.1

v0.8.2

v0.8.3

v0.80.0

v0.81.0

v0.82.0

v0.82.1

v0.82.2

v0.82.3

v0.82.4

v0.83.0

v0.84.0

v0.84.1

v0.84.2

v0.85.0

v0.85.1

v0.86.0

v0.87.0

v0.88.0

v0.89.0

v0.9.0

v0.91.0

v0.91.1

v0.91.2

v0.91.3

v0.91.4

v0.91.5

v0.92.0

v0.92.1

v0.92.2

v0.93.0

v3.*

v3.0.0

v3.0.1

v3.0.2

v3.0.3

v3.0.4

v3.0.5

v3.0.6

v3.0.7

v3.0.8

v3.0.9

v4.*

v4.00.000

v4.01.000

v4.01.001

v4.01.002

v4.01.003

v4.01.004

v4.01.005

v4.01.006

v4.01.007

v4.01.008

v4.02.000

v4.02.001

v4.03.000

v4.03.001

v4.03.002

v4.04.000

v4.04.001

v4.05.00

v4.05.01

v4.05.02

v4.05.03

v4.06.00

v4.06.01

v4.07.00

v4.08.00

v4.09.00

v4.09.01

v4.09.02

v4.09.03

v4.10.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-1010094.json"