Home/Product/mjdm majordomo
Product

mjdm majordomo

15 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
CVE-2026-27181
all versions
MajorDoMo (aka Major Domestic Module) allows unauthenticated arbitrary module uninstallation through the market module. The market
7.5HIGH
 CVE-2026-27180
all versions
MajorDoMo (aka Major Domestic Module) is vulnerable to unauthenticated remote code execution through supply chain compromise via u
9.8CRITICAL
 CVE-2026-27179
all versions
MajorDoMo (aka Major Domestic Module) contains an unauthenticated SQL injection vulnerability in the commands module. The commands
8.2HIGH
 CVE-2026-27178
all versions
MajorDoMo (aka Major Domestic Module) contains a stored cross-site scripting (XSS) vulnerability through method parameter injectio
7.2HIGH
 CVE-2026-27177
all versions
MajorDoMo (aka Major Domestic Module) contains a stored cross-site scripting (XSS) vulnerability via the /objects/?op=set endpoint
7.2HIGH
 CVE-2026-27176
all versions
MajorDoMo (aka Major Domestic Module) contains a reflected cross-site scripting (XSS) vulnerability in command.php. The $qry param
6.1MEDIUM
 CVE-2026-27175
all versions
MajorDoMo (aka Major Domestic Module) is vulnerable to unauthenticated OS command injection via rc/index.php. The $param variable
9.8CRITICAL
 CVE-2026-27174
all versions
MajorDoMo (aka Major Domestic Module) allows unauthenticated remote code execution via the admin panel's PHP console feature. An i
9.8CRITICAL
 CVE-2023-50917
< 2023-11-15
MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell metacharacters. NOTE: this is un
9.8CRITICAL
 CVE-2010-0345
<= 1.1.3
Cross-site scripting (XSS) vulnerability in the Majordomo extension 1.1.3 and earlier for TYPO3 allows remote attackers to inject
 CVE-2003-1367
<= 2.0
The which_access variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to "open" by default, which allo
 CVE-2000-0037
all versions
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
 CVE-2000-0035
<= 1.94.4
resend command in Majordomo allows local users to gain privileges via shell metacharacters.
 CVE-1999-1220
<= 1.94.3
Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is
 CVE-1999-0207
all versions
Remote attacker can execute commands through Majordomo using the Reply-To field and a "lists" command.
SOC and Response
CVE triage
Stack monitoring
Am I affected
IOC triage
KEV catalog
Recently exploited
Daily brief
Change tracking
Detection Engineering
Coverage workspace
Detection coverage
Coverage check
Telemetry ceiling
SIEM query builder
Sigma rules
SIEM rules
YARA rules
Network rules
D3FEND
Threat Hunting
Threat actors
ATT&CK techniques
Attack paths
Indicators
Atomic tests
Red Team and Pentest
Exploitability triage
Recon pack
Attack paths
CAPEC patterns
Adversary emulation
Compliance and GRC
Framework mapping
Control assessment
Audit view
Atlas Search Threat actors Techniques Tools & malware CWE CAPEC KEV catalog Package vulns
About All capabilities Pricing API docs Live status Privacy policy Terms of service
threatengine.sh