Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

36 matches found

Nuclei
Nucleiadded 18 hours ago26 views

MagnusBilling Alarm Module - Cross-Site Scripting

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling Alarm Module modules allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php.This issue affects MagnusBilling-...

7.6CVSS4.6AI score0.01578EPSS
Exploits1References3
Nuclei
Nucleiadded 18 hours ago22 views

MagnusBilling Login Logs - Cross-Site Scripting

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read" cross-site scripting This vulnerability is...

8.2CVSS4.9AI score0.03183EPSS
Exploits1References3
Nuclei
Nucleiadded yesterday81 views

MagnusBilling - Remote Code Execution

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request. id: CVE-2023-30258 info: name: MagnusBilling - Remote Code Execution author: gy741,mananispiwpiw severity: critical description: | Comman...

9.8CVSS8.6AI score0.93709EPSS
Exploits15References5
GithubExploit
GithubExploitadded 2026/04/08 12:14 p.m.121 views

Exploit for OS Command Injection in Magnussolution Magnusbilling

THM-MagnusBilling-CVE-2023-30258 Perfect! Let’s convert your f...

9.8CVSS6AI score0.93709EPSS
Exploits15
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2025-7201

Malicious code in bioql PyPI...

7.6CVSS6.5AI score0.01578EPSS
Exploits1References5
EUVD
EUVDadded 2025/10/03 8:7 p.m.6 views

EUVD-2025-23282

Malicious code in bioql PyPI...

8CVSS6.5AI score0.00216EPSS
Exploits1References2
NVD
NVDadded 2025/07/31 3:15 p.m.6 views

CVE-2025-52289

A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted request to /mbilling/index.php/user/save to set their account status fom "pending" to "active" without requiring administrator approval...

8CVSS0.00216EPSS
Exploits1References2
OSV
OSVadded 2025/07/31 3:15 p.m.6 views

CVE-2025-52289

A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted request to /mbilling/index.php/user/save to set their account status fom "pending" to "active" without requiring administrator approval...

8CVSS6.3AI score0.00216EPSS
Exploits1References2
Cvelist
Cvelistadded 2025/07/31 12:0 a.m.9 views

CVE-2025-52289

A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted request to /mbilling/index.php/user/save to set their account status fom "pending" to "active" without requiring administrator approval...

0.00216EPSS
Exploits1References2
CVE
CVEadded 2025/07/31 12:0 a.m.19 views

CVE-2025-52289

CVE-2025-52289 affects MagnusBilling v7.8.5.3 and is a Broken Access Control vulnerability where newly registered users can escalate privileges by sending a crafted request to /mbilling/index.php/user/save to change status from "pending" to "active" without admin approval. The issue’s remediation...

8CVSS6.6AI score0.00216EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2025/07/31 12:0 a.m.5 views

CVE-2025-52289

A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted request to /mbilling/index.php/user/save to set their account status fom "pending" to "active" without requiring administrator approval...

7.2AI score0.00216EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/07/31 12:0 a.m.5 views

PT-2025-31528 · Unknown · Magnusbilling

Name of the Vulnerable Software and Affected Versions: MagnusBilling version 7.8.5.3 Description: A broken access control issue in MagnusBilling version 7.8.5.3 allows newly registered users to gain escalated privileges. This is achieved by sending a crafted request to the...

8CVSS6.6AI score0.00216EPSS
Exploits1References8
RedhatCVE
RedhatCVEadded 2025/04/16 4:11 p.m.10 views

CVE-2023-30258

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request...

9.8CVSS7.8AI score0.93709EPSS
Exploits15References1
Packet Storm
Packet Stormadded 2025/04/11 12:0 a.m.299 views

📄 MagnusBilling 6.x / 7.x Command Injection

MagnusBilling versions 6.x and 7.x suffer from an unauthenticated remote command injection vulnerability. Exploit Title: MagnusBilling 6.x and 7.x Unauthenticated Remote Command Injection Vulnerability Date: 2024-10-26 Exploit Author: CodeSecLab Vendor Homepage:...

9.8CVSS9.8AI score0.93709EPSS
Exploits15
GithubExploit
GithubExploitadded 2025/03/25 4:0 p.m.280 views

Exploit for OS Command Injection in Magnussolution Magnusbilling

CVE-2023-30258-RCE-POC POC for CVE-2023-30258-RCE by n0o0b...

9.8CVSS7.4AI score0.93709EPSS
Exploits15
RedhatCVE
RedhatCVEadded 2025/03/23 11:14 p.m.10 views

CVE-2025-2609

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read" cross-site scripting This vulnerability is...

8.2CVSS6.2AI score0.03183EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/03/23 11:14 p.m.16 views

CVE-2025-2610

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling Alarm Module modules allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling...

7.6CVSS6.3AI score0.01578EPSS
Exploits1References1
OSV
OSVadded 2025/03/21 11:15 p.m.6 views

CVE-2025-2610

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling Alarm Module modules allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling...

5.4CVSS6.4AI score
Exploits0References3
NVD
NVDadded 2025/03/21 11:15 p.m.17 views

CVE-2025-2610

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling Alarm Module modules allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling...

7.6CVSS0.01578EPSS
Exploits1References3
CVE
CVEadded 2025/03/21 10:41 p.m.90 views

CVE-2025-2609

CVE-2025-2609 affects MagnusBilling up to version 7.3.0. Affected component: MagnusLog.Php in the login logging, where improper input neutralization during web page generation allows unauthenticated users to store HTML content in the viewable log at /mbilling/index.php/logUsers/read, enabling cro...

8.2CVSS6.3AI score0.03183EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder