SQL Injection in Fossbilling

CVE-2026-33734

FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have a SQL injection vulnerability in the `Massmailer` module filter functionality. An authenticated administrator can supply crafted fil…

Vulnerability class: SQL Injection

Affected products

Weakness classification (CWE)

References