CVE-2023-30258

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request...

Exploit for OS Command Injection in Magnussolution Magnusbilling

CVE-2023-30258-RCE-POC POC for CVE-2023-30258-RCE by n0o0b...

CVE-2025-2609

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read" cross-site scripting This vulnerability is...

CVE-2025-2610

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling Alarm Module modules allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling...

CVE-2025-2610

Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling Alarm Module modules allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling...

CVE-2025-2609

CVE-2025-2609 affects MagnusBilling up to version 7.3.0. Affected component: MagnusLog.Php in the login logging, where improper input neutralization during web page generation allows unauthenticated users to store HTML content in the viewable log at /mbilling/index.php/logUsers/read, enabling cro...

CVE-2025-2610

MagnusBilling (Alarm Module) CVE-2025-2610 is a stored cross-site scripting vulnerability in MagnusLog.Php caused by improper neutralization of input during web page generation. Affected: MagnusBilling up to version 7.3.0. Impact: authenticated attackers can inject HTML/JavaScript that persists a...

VulnCheck KEV: CVE-2023-30258

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request...

CVE-2023-30258

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request...

CVE-2023-30258

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request...

Command injection

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request...

CVE-2023-30258

CVE-2023-30258 affects MagnusBilling magnusbilling 6.x and 7.x with an unauthenticated remote command injection in lib/icepay/icepay.php via the democ parameter. An attacker can craft a request to run arbitrary OS commands, enabling full system compromise as indicated by connected templates and e...

CVE-2023-30258

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request...

CVE-2023-30258

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request...

PT-2023-22608 · Unknown · Magnusbilling

Name of the Vulnerable Software and Affected Versions: MagnusSolution magnusbilling versions 6.x through 7.x Description: The issue allows remote attackers to run arbitrary commands via unauthenticated HTTP requests. This is a Command Injection vulnerability. There are reports of real-world...