Jeff Standen

1 exploit Active since Sep 2015
CVE-2015-6545 WRITEUP WRITEUP
Cerb < 7.0.3 - Cross-Site Request Forgery via ajax.php saveWorkerPeek Action
Cross-site request forgery (CSRF) vulnerability in ajax.php in Cerb before 7.0.4 allows remote attackers to hijack the authentication of administrators for requests that add an administrator account via a saveWorkerPeek action.