155 matches found
CVE-2026-6624
A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /?\route=pool/add of the component Pool List Interface. Executing a manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has bee...
CVE-2026-6622
A vulnerability was identified in BichitroGan ISP Billing Software 2025.3.20. This affects an unknown function of the file /?\route=customers/edit/ of the component Customer Handler. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit is publicly...
CVE-2026-34358
CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contains a broken access control vulnerability where multiple admin controllers enforce permission checks on form display methods but omit equivalent checks on the corresponding write methods, allowing any...
CVE-2026-34241
CVE-2026-34241 (CtrlPanel) : Open-source hosting billing software with versions ≤ 1.1.1 contains a Stored XSS in the ticket reply notification system. Unsanitized content in $newmessage is stored in notification payloads and later rendered with Blade’s {!! !!} in recipients’ browsers, affecting b...
EUVD-2026-23815
A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /?\route=pool/add of the component Pool List Interface. Executing a manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has bee...
EUVD-2026-23813
A vulnerability was identified in BichitroGan ISP Billing Software 2025.3.20. This affects an unknown function of the file /?\route=customers/edit/ of the component Customer Handler. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit is publicly...
EUVD-2026-23814
A security flaw has been discovered in BichitroGan ISP Billing Software 2025.3.20. This impacts an unknown function of the file /?route=settings/users-view/ of the component Profile Page Handler. Performing a manipulation results in cross site scripting. The attack is possible to be carried out...
CVE-2026-6623
A security flaw has been discovered in BichitroGan ISP Billing Software 2025.3.20. This impacts an unknown function of the file /?route=settings/users-view/ of the component Profile Page Handler. Performing a manipulation results in cross site scripting. The attack is possible to be carried out...
CVE-2026-6622
A vulnerability was identified in BichitroGan ISP Billing Software 2025.3.20. This affects an unknown function of the file /?\route=customers/edit/ of the component Customer Handler. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit is publicly...
CVE-2026-6624
A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /?\route=pool/add of the component Pool List Interface. Executing a manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has bee...
CVE-2026-6624
A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /?\route=pool/add of the component Pool List Interface. Executing a manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has bee...
CVE-2026-6624 BichitroGan ISP Billing Software Pool List add cross site scripting
A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /?\route=pool/add of the component Pool List Interface. Executing a manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has bee...
CVE-2026-6624
The CVE concerns BichitroGan ISP Billing Software 2025.3.20. Affected component: the Pool List Interface function at /?_route=pool/add, where input manipulation can lead to cross-site scripting. The exploit is described as remote and publicly available, with the vendor contacted but no response. ...
CVE-2026-6623 BichitroGan ISP Billing Software Profile users-view cross site scripting
A security flaw has been discovered in BichitroGan ISP Billing Software 2025.3.20. This impacts an unknown function of the file /?route=settings/users-view/ of the component Profile Page Handler. Performing a manipulation results in cross site scripting. The attack is possible to be carried out...
CVE-2026-6623 BichitroGan ISP Billing Software Profile users-view cross site scripting
A security flaw has been discovered in BichitroGan ISP Billing Software 2025.3.20. This impacts an unknown function of the file /?route=settings/users-view/ of the component Profile Page Handler. Performing a manipulation results in cross site scripting. The attack is possible to be carried out...
CVE-2026-6623
CVE-2026-6623 affects BichitroGan ISP Billing Software 2025.3.20. The issue is a cross-site scripting vulnerability in the Profile Page Handler, triggered by manipulating the file path /?_route=settings/users-view/. The attack could be carried out remotely, with the CVSS indicating network access...
CVE-2026-6622 BichitroGan ISP Billing Software Customer edit cross site scripting
A vulnerability was identified in BichitroGan ISP Billing Software 2025.3.20. This affects an unknown function of the file /?\route=customers/edit/ of the component Customer Handler. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit is publicly...
CVE-2026-6622
A vulnerability was identified in BichitroGan ISP Billing Software 2025.3.20. This affects an unknown function of the file /?\route=customers/edit/ of the component Customer Handler. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit is publicly...
CVE-2026-6622
CVE-2026-6622 affects BichitroGan ISP Billing Software 2025.3.20. The vulnerability is in the Customer Handler ’s function handling the path/?_route=customers/edit/, where manipulation can lead to a cross-site scripting (XSS) condition. It is exploitable remotely and an exploit is publicly availa...
PT-2026-33744
A security flaw has been discovered in BichitroGan ISP Billing Software 2025.3.20. This impacts an unknown function of the file /? route=settings/users-view/ of the component Profile Page Handler. Performing a manipulation results in cross site scripting. The attack is possible to be carried out...