Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyesofnetwork vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2017-14984
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the bp_name parameter to /module/admin_bp/add_services.php.
Eyesofnetwork Eyesofnetwork 5.1-0
9.8
CVSSv3
CVE-2017-14247
SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the user_id cookie to header.php, a related issue to CVE-2017-1000060.
Eyesofnetwork Eyesofnetwork 5.1-0
9.8
CVSSv3
CVE-2017-14402
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT CREATION" section, related to lack of input validation in include/function.php.
Eyesofnetwork Eyesofnetwork 5.1-0
8.8
CVSSv3
CVE-2017-14118
In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all\tools\interface.php does not properly restrict exec calls, which allows remote malicious users to execute arbitrary commands via shell metacharacters in the host_list parameter to module/tool_all/select_tool.p...
Eyesofnetwork Eyesofnetwork 5.1-0
9.8
CVSSv3
CVE-2021-27514
EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might be leveraged for brute-force authentication bypass (such as in CVE-2021-27513 exploitation).
Eyesofnetwork Eyesofnetwork 5.3-10
2 Github repositories
8.8
CVSSv3
CVE-2019-14923
EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field.
Eyesofnetwork Eyesofnetwork 5.1-0
4.8
CVSSv3
CVE-2017-14983
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the object parameter to module/admin_conf/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
5.4
CVSSv3
CVE-2017-14985
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the url parameter to module/module_frame/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
4.8
CVSSv3
CVE-2017-15188
A persistent (stored) XSS vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the hosts array parameter to module/admin_device/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
9.8
CVSSv3
CVE-2017-1000060
EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb leading to remote root
Eyesofnetwork Eyesofnetwork 5.1-0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »