A vulnerability, which was classified as problematic, has been found in FOSSBilling up to 0.8.0. Affected is the function md5 of the component File Storage. This manipulation causes unrestricted upload.

This vulnerability appears as CVE-2026-53648. The attack may be initiated remotely. There is no available exploit.