Vulnerabilities > Magnussolution > Magnusbilling > 7.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-21 | CVE-2025-2609 | Cross-site Scripting vulnerability in Magnussolution Magnusbilling Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read" cross-site scripting This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling: through 7.3.0. | 6.1 |
| 2025-03-21 | CVE-2025-2610 | Cross-site Scripting vulnerability in Magnussolution Magnusbilling Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling (Alarm Module modules) allows authenticated stored cross-site scripting. | 5.4 |
| 2023-06-23 | CVE-2023-30258 | OS Command Injection vulnerability in Magnussolution Magnusbilling Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request. | 9.8 |