433 matches found
CVE-2025-48482 FreeScout Has Business Logic Errors
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, there is a mass assignment vulnerability. The Customer object is updated using the fill method, which processes fields such as channel and channel_id. However, the fill method is called with all client-provided...
CVE-2025-48481 FreeScout Has Business Logic Errors
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an attacker with an unactivated email invitation containing invite_hash, can exploit this vulnerability to self-activate their account, despite it being blocked or deleted, by leveraging the invitation link fro...
CVE-2025-48480 FreeScout Has Business Logic Errors
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, an authorized user with the administrator role or with the privilege User::PERM_EDIT_USERS can create a user, specifying the path to the user's avatar ../.htaccess during creation, and then delete the user's...
CVE-2025-48479 FreeScout Has Business Logic Errors
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the laravel-translation-manager package does not correctly validate user input, enabling the deletion of any directory, given sufficient access rights. This issue has been patched in version 1.8.180...
CVE-2025-48477 FreeScout Has Business Logic Errors
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, the application's logic requires the user to perform a correct sequence of actions to implement a functional capability, but the application allows access to the functional capability without correctly...
CVE-2025-48476 FreeScout Has Business Logic Errors
FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.180, when adding and editing user records using the fill method, there is no check for the absence of the password field in the data coming from the user, which leads to a mass-assignment vulnerability. As a result...
CVE-2023-0565
Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.10...
CVE-2023-3229
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0...
CVE-2023-1887
Business Logic Errors in GitHub repository thorsten/phpmyfaq prior to 3.1.12...
CVE-2023-1542
Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-1541
Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6...
CVE-2023-32075
The Customer Management Framework CMF for Pimcore adds functionality for customer data management. In pimcore/customer-management-framework-bundle prior to version 3.3.9, business logic errors are possible in the Conditions tab since the counter can be a negative number. This vulnerability is...
CVE-2023-6832
Business Logic Errors in GitHub repository microweber/microweber prior to 2.0...
CVE-2022-4719
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.5...
CVE-2022-0746
Business Logic Errors in GitHub repository dolibarr/dolibarr prior to 16.0...
CVE-2022-0514
Business Logic Errors in GitHub repository crater-invoice/crater prior to 6.0.5...
CVE-2022-38982
The fingerprint module has service logic errors. Successful exploitation of this vulnerability will cause the phone lock to be cracked...
CVE-2022-3363
Business Logic Errors in GitHub repository ikus060/rdiffweb prior to 2.5.0a7...
CVE-2021-39968
Changlian Blocklist has a Business Logic Errors vulnerability. Successful exploitation of this vulnerability may expand the attack surface of the message class...