CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Magnussolution: >> Magnusbilling >> 7.8.5.3 Security Vulnerabilities

CVE-2025-52289

A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted request to /mbilling/index.php/user/save to set their account status fom "pending" to "active" without requiring administrator approval.

CVSS Score

8.0

EPSS Score

0.0

Published

2025-07-31

Page 1

Vulnerabilities

Vulnerable Software

Magnussolution: >> Magnusbilling >> 7.8.5.3 Security Vulnerabilities

Products

Pricing

Contact Us