magnussolution CVE Vulnerabilities & CVE List (4)

Products (CPE): — CVEs: 4

magnussolution vulnerability overview

Aggregates CVE and security vulnerability intelligence across all magnussolution-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.

Historical issues mainly involve vendor risk cross-site scripting and vendor risk command injection and related problems; some flaws may lead to vendor impact session compromise.

Vulnerability distribution trend (last 24 months)

CVE	Summary	Source	Max CVSS	EPSS %	Published	Updated
CVE-2025-52289	A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted request to /mbilling/index.php/user/save to set their account status fom "pending" to "active" without requiring administrator approval.	[email protected]	8.0	0.22%	2025-07-31	2025-08-06
CVE-2025-2610	Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling (Alarm Module modules) allows authenticated stored cross-site scripting. This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling: through 7.3.0.	[email protected]	7.6	1.58%	2025-03-21	2025-04-01
CVE-2025-2609	Improper neutralization of input during web page generation vulnerability in MagnusSolution MagnusBilling login logging allows unauthenticated users to store HTML content in the viewable log component accessible at /mbilling/index.php/logUsers/read" cross-site scripting This vulnerability is associated with program files protected/components/MagnusLog.Php. This issue affects MagnusBilling: through 7.3.0.	[email protected]	8.2	3.18%	2025-03-21	2025-04-01
CVE-2023-30258	Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request.	[email protected]	9.8	93.68%	2023-06-23	2025-08-29

cvelogic Threat Intelligence