cvebase

Fossbilling Fossbilling vulnerabilities

11 known vulnerabilities affecting fossbilling/fossbilling_fossbilling.

Total CVEs: 11
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 2, HIGH 4, MEDIUM 5

Vulnerabilities

CVE-2023-3521 | P3 | MEDIUM | CVSS 6.1 | PoC | ≥ unspecified, < 0.5.4 | 2023-07-06
CWE-79: Cross-site Scripting (XSS) - Reflected in GitHub repository fossbilling/fossbilling prior to 0.5.4.
nvd
CVE-2023-3491 | P3 | HIGH | CVSS 8.8 | ≥ unspecified, < 0.5.3 | 2023-06-30
CWE-434: Unrestricted Upload of File with Dangerous Type in GitHub repository fossbilling/fossbilling prior to 0.5.3.
nvd
CVE-2023-3490 | P3 | CRITICAL | CVSS 9.8 | ≥ unspecified, < 0.5.3 | 2023-06-30
CWE-89: SQL Injection in GitHub repository fossbilling/fossbilling prior to 0.5.3.
nvd
CVE-2023-3393 | P3 | HIGH | CVSS 7.2 | ≥ unspecified, < 0.5.1 | 2023-06-23
CWE-94: Code Injection in GitHub repository fossbilling/fossbilling prior to 0.5.1.
nvd
CVE-2023-3230 | P3 | HIGH | CVSS 7.5 | ≥ unspecified, < 0.5.0 | 2023-06-14
CWE-862: Missing Authorization in GitHub repository fossbilling/fossbilling prior to 0.5.0.
nvd
CVE-2023-3493 | P3 | HIGH | CVSS 8.0 | ≥ unspecified, < 0.5.3 | 2023-06-30
CWE-1236: Improper Neutralization of Formula Elements in a CSV File in GitHub repository fossbilling/fossbilling prior to 0.5.3.
nvd
CVE-2023-4005 | P4 | CRITICAL | CVSS 9.8 | ≥ unspecified, < 0.5.5 | 2023-07-31
CWE-613: Insufficient Session Expiration in GitHub repository fossbilling/fossbilling prior to 0.5.5.
nvd
CVE-2023-3229 | P4 | MEDIUM | CVSS 6.5 | ≥ unspecified, < 0.5.0 | 2023-06-14
CWE-840: Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0.
nvd
CVE-2023-3227 | P4 | MEDIUM | CVSS 5.7 | ≥ unspecified, < 0.5.0 | 2023-06-14
CWE-1220: Insufficient Granularity of Access Control in GitHub repository fossbilling/fossbilling prior to 0.5.0.
nvd
CVE-2023-3228 | P4 | MEDIUM | CVSS 5.7 | ≥ unspecified, < 0.5.0 | 2023-06-14
CWE-840: Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0.
nvd
CVE-2023-3394 | P4 | MEDIUM | CVSS 5.4 | ≥ unspecified, < 0.5.1 | 2023-06-23
CWE-384: Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1.
nvd