📦 Blesta

This vulnerability in Blesta billing software allows attackers to perform object injection attacks by sending specially crafted data. This affects all Blesta installations running versions 3.x through...

CVE-2026-25614 is a PHP object injection vulnerability in Blesta billing software that allows attackers to execute arbitrary code by deserializing untrusted data. This affects all Blesta installations...

A path traversal vulnerability in Blesta's upload directory allows attackers to access files outside intended boundaries. This can lead to account takeover and remote code execution. All Blesta instal...

This CVE describes a cross-site scripting (XSS) vulnerability in Blesta billing software where improper input validation allows attackers to inject malicious scripts. The vulnerability affects all Ble...