CVE-2026-33543

FOSSBilling is a free, open-source billing and client management system. Versions 0.7.2 and prior expose a guest API endpoint, /api/guest/staff/create, intended for initial administrator bootstrap. Due to a flawed admin-existence check, the endpoint remains usable after an administrator already...

FOSSBilling < 0.5.3 - Cross-Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository fossbilling/fossbilling prior to 0.5.4. id: CVE-2023-3521 info: name: FOSSBilling &datefrom='" HTTP/1.1 Host: Hostname matchers-condition: and matchers: - type: word part: body words:...

CVE-2025-64105

FOSSBilling is a billing and client management system that automates invoicing, payments, and communication for online service businesses. Versions 0.6.21 through 0.7.2 are vulnerable to IDOR through the support ticket creation workflow. By manipulating relid when reltype=order, an authenticated...

CVE-2026-23513

CVE-2026-23513 affects FOSSBilling prior to 0.8.0. A query-construction flaw in client list endpoints (ServiceTransaction::getSearchQuery and Order\Service::getSearchQuery) fails to group OR-based filters, allowing authenticated clients to bypass tenant scoping and retrieve other clients’ data (i...

CVE-2026-23513

FOSSBilling is a free, open-source billing and client management system. In versions 0.7.2 and prior, a query-construction flaw in client list endpoints allowed authenticated clients to bypass tenant scoping and retrieve other clients’ data. Details In ServiceTransaction::getSearchQuery and...

CVE-2025-64105

FOSSBilling is a billing and client management system that automates invoicing, payments, and communication for online service businesses. Versions 0.6.21 through 0.7.2 are vulnerable to IDOR through the support ticket creation workflow. By manipulating relid when reltype=order, an authenticated...

CVE-2025-64105

Summary: FOSSBilling

CVE-2025-64105 FOSSBilling: IDOR Vulnerability in Support Ticket Creation

FOSSBilling is a billing and client management system that automates invoicing, payments, and communication for online service businesses. Versions 0.6.21 through 0.7.2 are vulnerable to IDOR through the support ticket creation workflow. By manipulating relid when reltype=order, an authenticated...

CVE-2026-28496

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template Injection SSTI vulnerability in the template rendering system. Administrators with access to features that render Twig templates email templates, mass mail campaigns, custo...

CVE-2026-27604

FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization bypass in the API role handling allows unauthenticated access to privileged /api/system/ endpoints. Because system resolves to the cron admin identity,...

CVE-2026-27604 FOSSBilling: Improper API Role Validation (system) Enables Unauthenticated Access to Privileged Admin Functions

FOSSBilling is a free, open-source billing and client management system. Starting in version 0.5.4 and prior to version 0.8.0, an authorization bypass in the API role handling allows unauthenticated access to privileged /api/system/ endpoints. Because system resolves to the cron admin identity,...

CVE-2026-27604

FOSSBilling 0.5.4–0.7.x contains an authorization bypass in the API role handling that permits unauthenticated access to privileged /api/system/* endpoints. The issue maps to the system identity (cron admin), allowing admin API methods without credentials, session, or CSRF tokens. Version 0.8.0 i...

CVE-2026-28496

CVE-2026-28496 (FOSSBilling) affects versions prior to 0.8.0, where a Server-Side Template Injection (SSTI) in Twig template rendering allows an attacker with access to template-rendering features (email templates, mass mail campaigns, custom payment adapters, string_render API) to inject arbitra...

EUVD-2026-38455

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template Injection SSTI vulnerability in the template rendering system. Administrators with access to features that render Twig templates email templates, mass mail campaigns, custo...

CVE-2026-28496 FOSSBilling: Server-side template injection in Twig template rendering enables information disclosure and RCE

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template Injection SSTI vulnerability in the template rendering system. Administrators with access to features that render Twig templates email templates, mass mail campaigns, custo...

Exploit for CVE-2026-53646

███████╗ ██████╗ ███████╗██╗ ██╗██╗██╗ ██╗ ███████...

CVE-2026-43924

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the Redirect module does not validate the URL scheme of administrator-configured destination URLs before storing or issuing redirects. This allows arbitrary external URLs to be configured as redirect...

CVE-2026-40495

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 leak the exact system version through asset cache buster parameters in HTML output, bypassing the hideversionpublic security setting. The FOSSBilling version is embedded in the query string of every...

CVE-2026-43926

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the password reset confirmation endpoint /client/reset-password-confirm/:hash is handled by a non-API controller and is not covered by FOSSBilling's rate limiter, which only applies to /api/ routes...

CVE-2026-43926 FOSSBilling's password reset confirmation endpoint lacks rate limiting

FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the password reset confirmation endpoint /client/reset-password-confirm/:hash is handled by a non-API controller and is not covered by FOSSBilling's rate limiter, which only applies to /api/ routes...