Browse all 5 CVE security advisories affecting ledgersmb. AI-powered Chinese analysis, POCs, and references for each vulnerability.
LedgersMB serves as an open-source accounting system designed for small to medium businesses, handling financial transactions, inventory management, and payroll. Historically, the application has been susceptible to multiple vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation, as evidenced by its five recorded CVEs. Notable security characteristics include its Perl-based architecture and regular security updates, though past incidents have involved authentication bypass flaws and insecure default configurations. The project maintains a moderate security posture with ongoing community-driven patches, though organizations should implement additional hardening measures for production environments.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-23831 | Privilege escalation through CSRF attack on 'setup.pl' — LedgerSMBCWE-352 | 7.5 | High | 2024-02-02 |
This page lists every published CVE security advisory associated with ledgersmb. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.