Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyesofnetwork vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-27514
EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might be leveraged for brute-force authentication bypass (such as in CVE-2021-27513 exploitation).
Eyesofnetwork Eyesofnetwork 5.3-10
2 Github repositories
6.5
CVSSv2
CVE-2017-15880
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the group_name parameter to module/admin_group/add_modify_group.php (for insert_group and update_group)...
Eyesofnetwork Eyesofnetwork 5.1-0
5
CVSSv2
CVE-2017-13780
The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows directory traversal attacks for reading arbitrary files via the module/admin_conf/download.php file parameter.
Eyesofnetwork Eyesofnetwork 5.1-0
6.5
CVSSv2
CVE-2017-14118
In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all\tools\interface.php does not properly restrict exec calls, which allows remote malicious users to execute arbitrary commands via shell metacharacters in the host_list parameter to module/tool_all/select_tool.p...
Eyesofnetwork Eyesofnetwork 5.1-0
6.5
CVSSv2
CVE-2017-14119
In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all\tools\snmpwalk.php does not properly restrict popen calls, which allows remote malicious users to execute arbitrary commands via shell metacharacters in a parameter.
Eyesofnetwork Eyesofnetwork 5.1-0
7.5
CVSSv2
CVE-2017-14247
SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the user_id cookie to header.php, a related issue to CVE-2017-1000060.
Eyesofnetwork Eyesofnetwork 5.1-0
10
CVSSv2
CVE-2017-1000060
EyesOfNetwork (EON) 5.1 Unauthenticated SQL Injection in eonweb leading to remote root
Eyesofnetwork Eyesofnetwork 5.1-0
6.5
CVSSv2
CVE-2021-27513
The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside."
Eyesofnetwork Eyesofnetwork 5.3-10
2 Github repositories
3.5
CVSSv2
CVE-2022-24612
An authenticated user can upload an XML file containing an XSS via the ITSM module of EyesOfNetwork 5.3.11, resulting in a stored XSS.
Eyesofnetwork Eyesofnetwork 5.3-11
6.5
CVSSv2
CVE-2017-16000
SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »