CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

153 matches found

NVD•added 2026/05/19 10:16 p.m.•6 views

CVE-2026-34358

CtrlPanel is open-source billing software for hosting providers. Versions 1.1.1 and prior contains a broken access control vulnerability where multiple admin controllers enforce permission checks on form display methods but omit equivalent checks on the corresponding write methods, allowing any...

8.1CVSS0.00032EPSS

Exploits0References2

CVE•added 2026/05/19 9:9 p.m.•6 views

CVE-2026-34241

CVE-2026-34241 (CtrlPanel) : Open-source hosting billing software with versions ≤ 1.1.1 contains a Stored XSS in the ticket reply notification system. Unsanitized content in $newmessage is stored in notification payloads and later rendered with Blade’s {!! !!} in recipients’ browsers, affecting b...

8.7CVSS6AI score0.00037EPSS

Exploits0References2

EUVD•added 2026/04/20 12:32 p.m.•0 views

EUVD-2026-23814

A security flaw has been discovered in BichitroGan ISP Billing Software 2025.3.20. This impacts an unknown function of the file /?route=settings/users-view/ of the component Profile Page Handler. Performing a manipulation results in cross site scripting. The attack is possible to be carried out...

4.8CVSS4.2AI score0.00033EPSS

Exploits0References5

EUVD•added 2026/04/20 12:32 p.m.•1 views

EUVD-2026-23813

A vulnerability was identified in BichitroGan ISP Billing Software 2025.3.20. This affects an unknown function of the file /?\route=customers/edit/ of the component Customer Handler. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit is publicly...

4.8CVSS3.9AI score0.00033EPSS

Exploits0References5

EUVD•added 2026/04/20 12:32 p.m.•0 views

EUVD-2026-23815

A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /?\route=pool/add of the component Pool List Interface. Executing a manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has bee...

4.8CVSS4AI score0.00033EPSS

Exploits0References5

NVD•added 2026/04/20 10:16 a.m.•1 views

CVE-2026-6623

4.8CVSS0.00033EPSS

Exploits0References4

NVD•added 2026/04/20 10:16 a.m.•1 views

CVE-2026-6624

4.8CVSS0.00033EPSS

Exploits0References4

NVD•added 2026/04/20 10:16 a.m.•3 views

CVE-2026-6622

4.8CVSS0.00033EPSS

Exploits0References4

CVE•added 2026/04/20 9:15 a.m.•3 views

CVE-2026-6624

The CVE concerns BichitroGan ISP Billing Software 2025.3.20. Affected component: the Pool List Interface function at /?_route=pool/add, where input manipulation can lead to cross-site scripting. The exploit is described as remote and publicly available, with the vendor contacted but no response. ...

4.8CVSS3.9AI score0.00033EPSS

Exploits0References4

ATTACKERKB•added 2026/04/20 9:15 a.m.•2 views

CVE-2026-6624

4.8CVSS4AI score0.00033EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/04/20 9:15 a.m.•1 views

CVE-2026-6624 BichitroGan ISP Billing Software Pool List add cross site scripting

4.8CVSS3.9AI score0.00033EPSS

Exploits0References4

Cvelist•added 2026/04/20 9:0 a.m.•27 views

CVE-2026-6623 BichitroGan ISP Billing Software Profile users-view cross site scripting

4.8CVSS0.00033EPSS

Exploits0References4

CVE•added 2026/04/20 9:0 a.m.•4 views

CVE-2026-6623

CVE-2026-6623 affects BichitroGan ISP Billing Software 2025.3.20. The issue is a cross-site scripting vulnerability in the Profile Page Handler, triggered by manipulating the file path /?_route=settings/users-view/. The attack could be carried out remotely, with the CVSS indicating network access...

4.8CVSS4.1AI score0.00033EPSS

Exploits0References4

Vulnrichment•added 2026/04/20 9:0 a.m.•0 views

CVE-2026-6623 BichitroGan ISP Billing Software Profile users-view cross site scripting

4.8CVSS4.2AI score0.00033EPSS

Exploits0References4

ATTACKERKB•added 2026/04/20 8:45 a.m.•2 views

CVE-2026-6622

4.8CVSS3.9AI score0.00033EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2026/04/20 8:45 a.m.•2 views

CVE-2026-6622 BichitroGan ISP Billing Software Customer edit cross site scripting

4.8CVSS3.9AI score0.00033EPSS

Exploits0References4

CVE•added 2026/04/20 8:45 a.m.•5 views

CVE-2026-6622

CVE-2026-6622 affects BichitroGan ISP Billing Software 2025.3.20. The vulnerability is in the Customer Handler ’s function handling the path/?_route=customers/edit/, where manipulation can lead to a cross-site scripting (XSS) condition. It is exploitable remotely and an exploit is publicly availa...

4.8CVSS3.9AI score0.00033EPSS

Exploits0References4

Positive Technologies•added 2026/04/20 12:0 a.m.•0 views

PT-2026-33745

A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /? route=pool/add of the component Pool List Interface. Executing a manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has bee...

4.8CVSS3.9AI score0.00033EPSS

Exploits0References4

Positive Technologies•added 2026/04/20 12:0 a.m.•1 views

PT-2026-33744

A security flaw has been discovered in BichitroGan ISP Billing Software 2025.3.20. This impacts an unknown function of the file /? route=settings/users-view/ of the component Profile Page Handler. Performing a manipulation results in cross site scripting. The attack is possible to be carried out...

4.8CVSS4.1AI score0.00033EPSS

Exploits0References4

CNNVD•added 2026/04/20 12:0 a.m.•4 views

BichitroGan ISP Billing Software 安全漏洞

BichitroGan ISP Billing Software is an internet service provider billing and customer management system developed by BichitroGan Company in Bangladesh. The version 2025.3.20 of BichitroGan ISP Billing Software contains a security vulnerability. This vulnerability arises from improper handling of...

4.8CVSS5.6AI score0.00033EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by