157 matches found

Nuclei
added 11 hours ago, 19 views

MagnusBilling Login Logs - Cross-Site Scripting

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read, enabling cross-site scripting. This vulnerability is...

CVSS 8.2 | AI score 5.2 | EPSS 0.03183
Exploits: 1 | References: 3
OSV
added 5 days ago, 5 views

ECHO-9DAD-2609-2B54

Bulletin has no description...

CVSS 6.5 | AI score 6.7 | EPSS 0.00165
Exploits: 0 | References: 1
OSV
added 2026/05/28 4:57 a.m., 1 view

ECHO-2609-8708-04A3

Bulletin has no description...

AI score 5.7 | EPSS 0.00032
Exploits: 0 | References: 1
Tenable Nessus
added 2026/01/20 12:0 a.m., 1 view

MiracleLinux 8 : thunderbird-115.10.0-2.el8_9.ML.1 (AXSA:2024-7726:10)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-7726:10 advisory. Mozilla: Denial of Service using HTTP/2 CONTINUATION frames (CVE-2024-3302). Tenable has extracted the preceding description block directly from the...

CVSS 8.8 | AI score 5.6 | EPSS 0.02136
Exploits: 2 | References: 9
OpenVAS
added 2025/12/31 12:0 a.m., 16 views

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2025-2609)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.8 | AI score 7.1 | EPSS 0.00114
Exploits: 3 | References: 2
Tenable Nessus
added 2025/11/20 12:0 a.m., 13 views

TencentOS Server 4: firefox (TSSA-2024:0153)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0153 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 9.8 | AI score 7.9 | EPSS 0.02136
Exploits: 2 | References: 10
Tenable Nessus
added 2025/06/16 12:0 a.m., 5 views

TencentOS Server 3: thunderbird (TSSA-2024:0142)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0142 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

CVSS 8.8 | AI score 7.9 | EPSS 0.02136
Exploits: 2 | References: 9
Tenable Nessus
added 2025/06/16 12:0 a.m., 6 views

TencentOS Server 4: vim (TSSA-2024:1005)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:1005 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVSS 8.4 | AI score 6.4 | EPSS 0.00475
Exploits: 22 | References: 23
RedhatCVE
added 2025/04/09 4:17 a.m., 18 views

CVE-2025-20657

In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609...

CVSS 6.7 | AI score 7.3 | EPSS 0.00005
Exploits: 0 | References: 1
OSV
added 2025/04/07 4:15 a.m., 0 views

CVE-2025-20657

In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609...

CVSS 6.7 | AI score 5.8
Exploits: 0 | References: 1
ATTACKERKB
added 2025/04/07 4:15 a.m., 1 view

CVE-2025-20657

In vdec, there is a possible permission bypass due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09486425; Issue ID: MSV-2609...

CVSS 6.7 | AI score 5.8 | EPSS 0.00005
Exploits: 0 | References: 2
RedhatCVE
added 2025/03/23 11:14 p.m., 8 views

CVE-2025-2609

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read, enabling cross-site scripting. This vulnerability is...

CVSS 8.2 | AI score 6.2 | EPSS 0.03183
Exploits: 1 | References: 1
Circl
added 2025/03/21 11:19 p.m., 2 views

CVE-2025-2609

creationtimestamp | type | source
---|---|---
2025-03-21 23:19:59+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/8457
2025-03-22 00:48:22+00:00 | seen | https://mastodon.social/users/CyberSignaler/statuses/114203328650631535
2025-03-22 02:00:36+00:00 | seen | ...

CVSS 8.2 | AI score 4.8 | EPSS 0.03183
Exploits: 1 | References: 6
NVD
added 2025/03/21 11:15 p.m., 8 views

CVE-2025-2609

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read, enabling cross-site scripting. This vulnerability is...

CVSS 8.2 | EPSS 0.03183
Exploits: 1 | References: 3
OSV
added 2025/03/21 11:15 p.m., 5 views

CVE-2025-2609

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read, enabling cross-site scripting. This vulnerability is...

CVSS 6.1 | AI score 6.4
Exploits: 0 | References: 3
CVE
added 2025/03/21 10:41 p.m., 82 views

CVE-2025-2609

CVE-2025-2609 affects MagnusBilling up to version 7.3.0. Affected component: MagnusLog.Php in the login logging, where improper input neutralization during web page generation allows unauthenticated users to store HTML content in the viewable log at /mbilling/index.php/logUsers/read, enabling cro...

CVSS 8.2 | AI score 6.3 | EPSS 0.03183
Exploits: 1 | References: 3 | Affected Software: 1
Vulnrichment
added 2025/03/21 10:41 p.m., 4 views

CVE-2025-2609 MagnusBilling Stored Cross-Site Scripting in Login Logs

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read, enabling cross-site scripting. This vulnerability is...

CVSS 8.2 | AI score 6.4 | EPSS 0.03183
Exploits: 1 | References: 3
Tenable Nessus
added 2025/03/05 12:0 a.m., 7 views

Linux Distros Unpatched Vulnerability : CVE-2023-2609

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. CVE-2023-2609 Note that Nessus relies on the presence of the package as reported by the...

CVSS 7.8 | AI score 6.5 | EPSS 0.00025
Exploits: 1 | References: 3
Tenable Nessus
added 2024/05/17 12:0 a.m., 35 views

EulerOS Virtualization 3.0.6.0 : vim (EulerOS-SA-2024-1708)

According to the versions of the vim packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. CVE-2023-2609 - Vim is an improved version of the good old...

CVSS 7.8 | AI score 6.3 | EPSS 0.00057
Exploits: 5 | References: 10
OpenVAS
added 2024/05/17 12:0 a.m., 13 views

Huawei EulerOS: Security Advisory for vim (EulerOS-SA-2024-1708)

The remote host is missing an update for the Huawei EulerOS...

CVSS 7.8 | AI score 6.8 | EPSS 0.00057
Exploits: 5 | References: 2