Magnussolution: Security Vulnerabilities
Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read" cross-site scripting This vulnerability is associated with program files protected/components/MagnusLog.Php.
This issue affects MagnusBilling: through 7.3.0.
CVSS Score
8.2
EPSS Score
0.043
Published
2025-03-21
Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling (Alarm Module modules) allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php.
This issue affects MagnusBilling: through 7.3.0.
CVSS Score
7.6
EPSS Score
0.022
Published
2025-03-21
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.
CVSS Score
9.8
EPSS Score
0.935
Published
2023-06-23