Vulnerabilities in FOSSBilling
16 results

CVE-2023-3521 | MEDIUM | Cross-site Scripting (XSS) - Reflected in fossbilling/fossbilling | EPSS 0.9%
CVE-2023-3393 | HIGH | Code Injection in fossbilling/fossbilling | EPSS 0.9%
CVE-2023-3490 | CRITICAL | SQL Injection in fossbilling/fossbilling | EPSS 0.8%
CVE-2023-3491 | HIGH | Unrestricted Upload of File with Dangerous Type in fossbilling/fossbilling | EPSS 0.7%
CVE-2023-3229 | MEDIUM | Business Logic Errors in fossbilling/fossbilling | EPSS 0.5%
CVE-2023-3228 | MEDIUM | Business Logic Errors in fossbilling/fossbilling | EPSS 0.5%
CVE-2023-3493 | HIGH | Improper Neutralization of Formula Elements in a CSV File in fossbilling/fossbilling | EPSS 0.4%
CVE-2023-3394 | MEDIUM | Session Fixation in fossbilling/fossbilling | EPSS 0.4%
CVE-2023-4005 | LOW | Insufficient Session Expiration in fossbilling/fossbilling | EPSS 0.4%
CVE-2023-3230 | MEDIUM | Missing Authorization in fossbilling/fossbilling | EPSS 0.4%
CVE-2023-3227 | MEDIUM | Insufficient Granularity of Access Control in fossbilling/fossbilling | EPSS 0.4%
CVE-2026-40495 | MEDIUM | FOSSBilling version exposed via asset cache buster | EPSS 0.3%
CVE-2026-43924 | MEDIUM | FOSSBilling has an open redirect via administrator-configured redirect targets | EPSS 0.3%
CVE-2026-43926 | MEDIUM | FOSSBilling's password reset confirmation endpoint lacks rate limiting | EPSS 0.2%
CVE-2026-27604 | CRITICAL | FOSSBilling: Improper API Role Validation (system) Enables Unauthenticated Access to Privileged Admin Functions | EPSS —
CVE-2026-28496 | CRITICAL | FOSSBilling: Server-side template injection in Twig template rendering enables information disclosure and RCE | EPSS —