Lucene search
+L

215 matches found

CNNVD
CNNVD
added 2023/06/14 12:0 a.m.8 views

fossbilling 安全漏洞

fossbilling is a free open source solution for efficient billing and customer management. A security vulnerability exists in fossbilling versions prior to 0.5.0 that stems from a business logic error...

5.7CVSS5.6AI score0.00476EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/06/14 12:0 a.m.7 views

PT-2023-23702 · Unknown · Fossbilling

Name of the Vulnerable Software and Affected Versions: fossbilling versions prior to 0.5.0 Description: The issue concerns Business Logic Errors in the GitHub repository fossbilling/fossbilling. Recommendations: For versions prior to 0.5.0, update to version 0.5.0 or later to resolve the issue...

6.5CVSS5.6AI score0.00509EPSS
Exploits1References7
Cvelist
Cvelist
added 2023/06/14 12:0 a.m.32 views

CVE-2023-3227 Insufficient Granularity of Access Control in fossbilling/fossbilling

Insufficient Granularity of Access Control in GitHub repository fossbilling/fossbilling prior to 0.5.0...

5.4CVSS5.8AI score0.00407EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/06/14 12:0 a.m.10 views

CVE-2023-3227 Insufficient Granularity of Access Control in fossbilling/fossbilling

Insufficient Granularity of Access Control in GitHub repository fossbilling/fossbilling prior to 0.5.0...

5.4CVSS6.8AI score0.00407EPSS
Exploits1References2
CVE
CVE
added 2023/06/14 12:0 a.m.143 views

CVE-2023-3228

CVE-2023-3228 concerns fossbilling/fossbilling prior to 0.5.0 and is evidenced by a risk described in connected Huntr documentation: a business logic flaw where an attacker can modify the product ID during order processing to bypass the main product requirement and directly purchase an addon. Aff...

5.7CVSS5.5AI score0.00476EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2023/06/14 12:0 a.m.128 views

CVE-2023-3227

CVE-2023-3227 targets fossbilling/fossbilling with insufficient granularity of access control prior to version 0.5.0. Affected component/condition: access-control checks lacking granularity (per multiple sources). Impact is described as insufficient access control, with remediation recommended to...

5.7CVSS5.5AI score0.00407EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/14 12:0 a.m.7 views

CVE-2023-3229 Business Logic Errors in fossbilling/fossbilling

Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...

5.4CVSS6.8AI score0.00509EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/06/14 12:0 a.m.9 views

PT-2023-23690 · Unknown · Fossbilling

Name of the Vulnerable Software and Affected Versions: fossbilling/fossbilling versions prior to 0.5.0 Description: The issue is related to insufficient granularity of access control. There is no information provided about the estimated number of potentially affected devices worldwide or real-wor...

5.7CVSS5.2AI score0.00407EPSS
Exploits1References7
Cvelist
Cvelist
added 2023/06/14 12:0 a.m.19 views

CVE-2023-3230 Missing Authorization in fossbilling/fossbilling

Missing Authorization in GitHub repository fossbilling/fossbilling prior to 0.5.0...

4.6CVSS7.7AI score0.00407EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/06/14 12:0 a.m.38 views

CVE-2023-3229 Business Logic Errors in fossbilling/fossbilling

Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...

5.4CVSS6.7AI score0.00509EPSS
Exploits1References2
OSV
OSV
added 2023/06/14 12:0 a.m.22 views

CVE-2023-3229 Business Logic Errors in fossbilling/fossbilling

Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...

5.4CVSS5.5AI score0.00509EPSS
Exploits1References4
OSV
OSV
added 2023/06/14 12:0 a.m.19 views

CVE-2023-3227 Insufficient Granularity of Access Control in fossbilling/fossbilling

Insufficient Granularity of Access Control in GitHub repository fossbilling/fossbilling prior to 0.5.0...

5.4CVSS5.5AI score0.00407EPSS
Exploits1References4
OSV
OSV
added 2023/06/14 12:0 a.m.17 views

CVE-2023-3228 Business Logic Errors in fossbilling/fossbilling

Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...

5.4CVSS5.5AI score0.00476EPSS
Exploits1References4
OSV
OSV
added 2023/06/14 12:0 a.m.17 views

CVE-2023-3230 Missing Authorization in fossbilling/fossbilling

Missing Authorization in GitHub repository fossbilling/fossbilling prior to 0.5.0...

4.6CVSS5AI score0.00407EPSS
Exploits1References4
Huntr
Huntr
added 2023/06/10 6:35 a.m.24 views

Downloadable product type lacks order status check

Description There is a vulnerability in fossbilling where upgrading non-active orders is prevented, but it is possible to still do so through the upgrade API...

5CVSS6.8AI score0.00407EPSS
Exploits1
Rows per page
Query Builder