14 matches found
EUVD-2014-3843
Malware in sbrugna...
EUVD-2007-2803
Malware in sbrugna...
CVE-2014-3906
SQL injection vulnerability in OSK Advance-Flow 4.41 and earlier and Advance-Flow Forms 4.41 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in OSK Advance-Flow 4.41 and earlier and Advance-Flow Forms 4.41 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2014-3906
SQL injection vulnerability in OSK Advance-Flow 4.41 and earlier and Advance-Flow Forms 4.41 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2014-3906
OSK Advance-Flow 4.41 and earlier, including Advance-Flow Forms 4.41 and earlier, are affected by CVE-2014-3906 due to a SQL injection vulnerability. The issue allows remote attackers to execute arbitrary SQL commands via unspecified vectors, potentially enabling access to or modification of data...
Advance-Flow vulnerable to SQL injection
Overview Advance-Flow provided by OSK Co., LTD contains an issue in processing input data, which may result in SQL injection. Yoshinori Ohta of Business Architects Inc. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnershi...
JVN#20812625: Advance-Flow vulnerable to SQL injection
Advance-Flow provided by OSK Co., LTD contains an issue in processing input data, which may result in SQL injection. Impact A user may obtain or alter information on the database. Solution Do not use Advance-Flow The developer has stated that the support of Advance-Flow has been discontinued thus...
Advance-Flow cross-site scripting vulnerability
Overview Advance-Flow is an electronic authorization system. Advance-Flow contains a cross-site scripting vulnerability in its application form. Advance-Flow provided by OSK Co. LTD contains a cross-site scripting vulnerability, as it does not properly handle output data. Some application forms a...
CVE-2007-2811
Cross-site scripting XSS vulnerability in OSK Advance-Flow 4.41 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in OSK Advance-Flow 4.41 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2007-2811
The CVE-2007-2811 issue affects OSK Advance-Flow (and related forms) prior to version 4.42, where an XSS vulnerability exists in the application forms. The vulnerability allows remote attackers to inject arbitrary script/HTML via unspecified vectors, potentially executing code in a user’s browser...
CVE-2007-2811
Cross-site scripting XSS vulnerability in OSK Advance-Flow 4.41 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
JVN#92832583 Advance-Flow cross-site scripting vulnerability
Advance-Flow provided by OSK Co. LTD contains a cross-site scripting vulnerability, as it does not properly handle output data. Some application forms are not affected by this vulnerability and some are, depending on the contents of the application forms. Impact An arbitrary script may be execute...