Back to directory
WRITEUP #475

LedgerSMB – CVE-2024-23831: Privilege escalation through CSRF attack on “setup.pl”

CSRF
byGeorge Roumeliotis
Program
LedgerSMB
Published
Feb 2, 2024
Added to HackDex
Feb 6, 2024
Read Full Writeuphttps://twelvesec.com/2024/02/02/cve-2024-23831/
RELATED WRITEUPS
Basic HTTP Authentication Risk: Uncovering pyspider Vulnerabilities
XSSReflected XSS
CSRF Bypass Using Domain Confusion Leads To ATO
CSRFAccount takeover
Vulnerabilities in Homepage Dashboard
RCESSRF
AI Under Siege: Discovering and Exploiting Vulnerabilities
AI / LLMAI
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bounty
XSSCSRF

Built with ❤️ by Shubham Rawat