Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable admin function with low complexity; PR:H required per description; confirmed confidentiality-only impact from read-path SQL injection.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have a SQL injection vulnerability in the Massmailer module filter functionality. An authenticated administrator can supply crafted filter values when updating a mass email message, causing untrusted input to be interpolated directly into SQL in the recipient selection query. Version 0.8.0 patches the issue. Some workarounds are available. Restrict administrator access to trusted users only, disable the Massmailer module if it is not required, audit existing records in the mod_massmailer table for suspicious filter values, and/or review administrator activity related to Massmailer message updates.
AnalysisAI
SQL injection in FOSSBilling's Massmailer module exposes the application database to read access by authenticated administrators who can supply crafted filter values during mass email message updates. Affected versions span 0.6.0 through 0.7.2, with the fix shipped in version 0.8.0. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires a valid, authenticated FOSSBilling administrator account - the CVSS 4.0 vector specifies PR:H. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 base score of 6.9 reflects the significant confidentiality impact tempered by the requirement for high-privilege (PR:H) administrator-level access. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker with valid FOSSBilling administrator credentials navigates to the Massmailer module and submits a crafted filter value - for example, a SQL UNION or boolean-based payload - in the recipient filter field of a mass email update request. The unsanitized value is interpolated into the backend recipient selection SQL query, allowing the attacker to enumerate database tables and extract sensitive records such as client personal data, billing information, or stored credentials. … |
| Remediation | The primary remediation is upgrading to FOSSBilling version 0.8.0, which patches the SQL injection in the Massmailer module per the vendor advisory at https://github.com/FOSSBilling/FOSSBilling/security/advisories/GHSA-jf7m-j359-2899. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Fossbilling
View allSQL Injection in GitHub repository fossbilling/fossbilling prior to 0.5.3. Rated critical severity (CVSS 9.8), this vuln
Server-side template injection in FOSSBilling versions prior to 0.8.0 allows authenticated administrators to execute arb
Unrestricted Upload of File with Dangerous Type in GitHub repository fossbilling/fossbilling prior to 0.5.3. Rated high
Missing Authorization in GitHub repository fossbilling/fossbilling prior to 0.5.0. Rated high severity (CVSS 7.5), this
Code Injection in GitHub repository fossbilling/fossbilling prior to 0.5.1. Rated high severity (CVSS 7.2), this vulnera
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0. Rated medium severity (CVSS 6.5), thi
Cross-site Scripting (XSS) - Reflected in GitHub repository fossbilling/fossbilling prior to 0.5.4. Rated medium severit
Authorization bypass in FOSSBilling versions 0.5.4 through 0.7.x allows unauthenticated remote attackers to invoke privi
Insufficient Session Expiration in GitHub repository fossbilling/fossbilling prior to 0.5.5. Rated critical severity (CV
Business Logic Errors in GitHub repository fossbilling/fossbilling prior to 0.5.0. Rated medium severity (CVSS 5.7), thi
Insufficient Granularity of Access Control in GitHub repository fossbilling/fossbilling prior to 0.5.0. Rated medium sev
Session Fixation in GitHub repository fossbilling/fossbilling prior to 0.5.1. Rated medium severity (CVSS 5.4), this vul
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41945