EUVD-2015-6484

Malware in sbrugna...

CERB_Coin Numeric Error Vulnerability

CERBCoin is an ethereum-based digital currency. An integer overflow vulnerability exists in the 'mintToken' function in CERBCoin's smart contract implementation. An attacker can exploit this vulnerability to set the balance of any user to an arbitrary value...

Cross-Site Request Forgery in Cerb

Advisory ID: HTB23269 Product: Cerb Vendor: Webgroup Media LLC Vulnerable Versions: 7.0.3 and probably prior Tested Version: 7.0.3 Advisory Publication: August 12, 2015 without technical details Vendor Notification: August 12, 2015 Vendor Patch: August 14, 2015 Public Disclosure: September 2, 201...

CVE-2015-6545

Cross-site request forgery CSRF vulnerability in ajax.php in Cerb before 7.0.4 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a saveWorkerPeek action...

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in ajax.php in Cerb before 7.0.4 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a saveWorkerPeek action...

CVE-2015-6545

Cross-site request forgery CSRF vulnerability in ajax.php in Cerb before 7.0.4 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a saveWorkerPeek action...

CVE-2015-6545

CVE-2015-6545: A CSRF flaw in Cerb (Webgroup Media LLC) affects the ajax.php endpoint, enabling an authenticated attacker to add an administrator account via the saveWorkerPeek action. Affected version(s): Cerb 7.0.3 and likely earlier; fixed in Cerb 7.0.4. Impact: unauthorized creation of admin ...

Cerb 7.0.3 - Cross-Site Request Forgery

Cerb 7.0.3 - Cross-Site Request Forgery Advisory ID: HTB23269 Product: Cerb Vendor: Webgroup Media LLC Vulnerable Versions: 7.0.3 and probably prior Tested Version: 7.0.3 Advisory Publication: August 12, 2015 without technical details Vendor Notification: August 12, 2015 Vendor Patch: August 14,...

Cerb 7.0.3 - Cross-Site Request Forgery

Advisory ID: HTB23269 Product: Cerb Vendor: Webgroup Media LLC Vulnerable Versions: 7.0.3 and probably prior Tested Version: 7.0.3 Advisory Publication: August 12, 2015 without technical details Vendor Notification: August 12, 2015 Vendor Patch: August 14, 2015 Public Disclosure: September 2, 201...

Cerb 7.0.3 Cross Site Request Forgery Vulnerability

Cerb version 7.0.3 suffers from a cross site request forgery vulnerability. Product: Cerb Vendor: Webgroup Media LLC Vulnerable Versions: 7.0.3 and probably prior Tested Version: 7.0.3 Advisory Publication: August 12, 2015 without technical details Vendor Notification: August 12, 2015 Vendor Patc...

Cerb Cross-Site Request Forgery Vulnerability

Cerb is a fast and flexible web-based business collaboration and automation platform. A cross-site request forgery vulnerability exists in Cerb. The "/ajax.php" script fails to properly validate the origin of incoming HTTP requests. The vulnerability could be exploited to allow an attacker to gai...

Cerb 7.0.3 Cross Site Request Forgery

Advisory ID: HTB23269 Product: Cerb Vendor: Webgroup Media LLC Vulnerable Versions: 7.0.3 and probably prior Tested Version: 7.0.3 Advisory Publication: August 12, 2015 without technical details Vendor Notification: August 12, 2015 Vendor Patch: August 14, 2015 Public Disclosure: September 2, 201...

Cross-Site Request Forgery in Cerb

High-Tech Bridge Security Research Lab discovered CSRF vulnerability in Cerb platform, which can be exploited to perform Cross-Site Request Forgery attacks against administrators of vulnerable web application to add administrate accounts into the system. The vulnerability exists due to failure of...

Cerb Multiple Vulnerabilities

The version of Cerb installed on the remote host is earlier than 6.2.5. It is, therefore, affected by multiple vulnerabilities: - A flaw exists in that the application does not validate input passed via HTML email attachments, making it vulnerable to XSS. An attacker could exploit this issue to...

Cerb Detection

The remote web server hosts Cerb, a web-based business collaboration and automation tool. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid65983; scriptversion"1.3"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/06/01"; scriptnameenglish:"Cerb...