SQL Injection in Fossbilling
CVE-2026-33734
FOSSBilling is a free, open-source billing and client management system. Versions 0.6.0 through 0.7.2 have a SQL injection vulnerability in the `Massmailer` module filter functionality. An authenticated administrator can supply crafted fil…
Vulnerability class: SQL Injection
Affected products
- Fossbilling — versions >= 0.6.0, < 0.8.0
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)