Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyesofnetwork eyesofnetwork vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2017-14985
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the url parameter to module/module_frame/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
3.5
CVSSv2
CVE-2017-15188
A persistent (stored) XSS vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the hosts array parameter to module/admin_device/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
6.5
CVSSv2
CVE-2021-27513
The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside."
Eyesofnetwork Eyesofnetwork 5.3-10
2 Github repositories
6.5
CVSSv2
CVE-2017-16000
SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
10
CVSSv2
CVE-2017-1000060
EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb leading to remote root
Eyesofnetwork Eyesofnetwork 5.1-0
3.5
CVSSv2
CVE-2022-24612
An authenticated user can upload an XML file containing an XSS via the ITSM module of EyesOfNetwork 5.3.11, resulting in a stored XSS.
Eyesofnetwork Eyesofnetwork 5.3-11
6.5
CVSSv2
CVE-2017-14118
In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all\tools\interface.php does not properly restrict exec calls, which allows remote malicious users to execute arbitrary commands via shell metacharacters in the host_list parameter to module/tool_all/select_tool.p...
Eyesofnetwork Eyesofnetwork 5.1-0
7.5
CVSSv2
CVE-2017-14252
SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the group_id cookie to side.php.
Eyesofnetwork Eyesofnetwork 5.1-0
7.5
CVSSv2
CVE-2017-14401
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT UPDATE" section.
Eyesofnetwork Eyesofnetwork 5.1-0
3.5
CVSSv2
CVE-2017-14753
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the filter parameter to module/module_filters/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »