Export CSV

Products

1 vendor
VendorProductsCVEsKEVAvg EPSSWorst Severity
14048.8%CRITICAL

Related CVEs

4
CVE IDDescriptionSeverityCVSSKEVEPSSPublished
CVE-2025-52289A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted request to /mbilling/index.php/user/save to set their account status fom "pending" to "active" without requiring administrator approval.HIGH8.030.7%Jul 31, 2025
CVE-2025-2610Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling (Alarm Module modules) allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling: through 7.3.0.MEDIUM5.454.1%Mar 21, 2025
CVE-2025-2609Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read" cross-site scripting This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling: through 7.3.0.MEDIUM6.161.5%Mar 21, 2025
CVE-2023-30258Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.CRITICAL9.8Jun 23, 2023