Shodan
Vulnerabilities
Vulnerable Software
Magnussolution:  >> Magnusbilling  Security Vulnerabilities
CVE-2025-52289
A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted request to /mbilling/index.php/user/save to set their account status fom "pending" to "active" without requiring administrator approval.
CVSS Score
8.0
EPSS Score
0.0
Published
2025-07-31
CVE-2025-2609
Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read" cross-site scripting This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling: through 7.3.0.
CVSS Score
8.2
EPSS Score
0.04
Published
2025-03-21
CVE-2025-2610
Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling (Alarm Module modules) allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling: through 7.3.0.
CVSS Score
7.6
EPSS Score
0.016
Published
2025-03-21
CVE-2023-30258
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.
CVSS Score
9.8
EPSS Score
0.935
Published
2023-06-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved