Magnussolution CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Magnussolution Subscriptions

Search

Switch to Advanced Search (Beta)

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2025-52289	1 Magnussolution	1 Magnusbilling	2025-08-06	8 High
A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted request to /mbilling/index.php/user/save to set their account status fom "pending" to "active" without requiring administrator approval.
CVE-2023-30258	1 Magnussolution	1 Magnusbilling	2025-04-16	9.8 Critical
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.
CVE-2025-2609	1 Magnussolution	1 Magnusbilling	2025-04-01	8.2 High
Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read" cross-site scripting This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling: through 7.3.0.
CVE-2025-2610	1 Magnussolution	1 Magnusbilling	2025-04-01	7.6 High
Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling (Alarm Module modules) allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling: through 7.3.0.

Page 1 of 1.