18 matches found
EUVD-2014-3843
Malware in sbrugna...
EUVD-2007-2803
Malware in sbrugna...
Malicious code in @zalastax/nolb-osk (npm)
The package @zalastax/nolb-osk was found to contain malicious code...
MAL-2025-12852 Malicious code in @zalastax/nolb-osk (npm)
The package @zalastax/nolb-osk was found to contain malicious code...
Tofu - Windows Offline Filesystem Hacking Tool For Linux
A modular tool for hacking offline Windows filesystems and bypassing login screens. Can do hashdumps, OSK-Backdoors, user enumeration and more. How it works : When a Windows machine is shut down, unless it has Bitlocker or another encryption service enabled, it's storage device contains everythin...
osk-expert.pl Cross Site Scripting vulnerability OBB-1282486
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Sticky Keys Persistence Module
This module makes it possible to apply the 'sticky keys' hack to a session with appropriate rights. The hack provides a means to get a SYSTEM shell using UI-level interaction at an RDP login screen or via a UAC confirmation dialog. The module modifies the Debug registry setting for certain...
CVE-2014-3906
SQL injection vulnerability in OSK Advance-Flow 4.41 and earlier and Advance-Flow Forms 4.41 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
Sql injection
SQL injection vulnerability in OSK Advance-Flow 4.41 and earlier and Advance-Flow Forms 4.41 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
CVE-2014-3906
OSK Advance-Flow 4.41 and earlier, including Advance-Flow Forms 4.41 and earlier, are affected by CVE-2014-3906 due to a SQL injection vulnerability. The issue allows remote attackers to execute arbitrary SQL commands via unspecified vectors, potentially enabling access to or modification of data...
CVE-2014-3906
SQL injection vulnerability in OSK Advance-Flow 4.41 and earlier and Advance-Flow Forms 4.41 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors...
JVN#20812625: Advance-Flow vulnerable to SQL injection
Advance-Flow provided by OSK Co., LTD contains an issue in processing input data, which may result in SQL injection. Impact A user may obtain or alter information on the database. Solution Do not use Advance-Flow The developer has stated that the support of Advance-Flow has been discontinued thus...
MS14-039: Vulnerability in On-Screen Keyboard Could Allow Elevation of Privilege (2975685)
A privilege escalation vulnerability exists on the remote Windows host due to improper handling of low integrity processes with the On- Screen Keyboard OSK. A local attacker could exploit this vulnerability to execute arbitrary code on the remote host under the privileges of the current user. C...
CVE-2007-2811
Cross-site scripting XSS vulnerability in OSK Advance-Flow 4.41 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in OSK Advance-Flow 4.41 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2007-2811
The CVE-2007-2811 issue affects OSK Advance-Flow (and related forms) prior to version 4.42, where an XSS vulnerability exists in the application forms. The vulnerability allows remote attackers to inject arbitrary script/HTML via unspecified vectors, potentially executing code in a user’s browser...
CVE-2007-2811
Cross-site scripting XSS vulnerability in OSK Advance-Flow 4.41 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
JVN#92832583 Advance-Flow cross-site scripting vulnerability
Advance-Flow provided by OSK Co. LTD contains a cross-site scripting vulnerability, as it does not properly handle output data. Some application forms are not affected by this vulnerability and some are, depending on the contents of the application forms. Impact An arbitrary script may be execute...