Vulnerabilities

CVE-2025-52289

by Fred · 31/07/2025

A Broken Access Control vulnerability in MagnusBilling v7.8.5.3 allows newly registered users to gain escalated privileges by sending a crafted request to /mbilling/index.php/user/save to set their account status fom “pending” to “active” without requiring administrator approval.

More information : https://github.com/Madhav-Bhardwaj/CVE-2025-52289

Similar

Tags: Cybersecurity Alert