Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyesofnetwork vulnerabilities and exploits
(subscribe to this query)
9
CVSSv2
CVE-2020-8654
An issue exists in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the /module/module_frame/index.php autodiscovery.php target field.
Eyesofnetwork Eyesofnetwork 5.3-0
1 EDB exploit
1 Github repository
9.3
CVSSv2
CVE-2020-8655
An issue exists in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7.
Eyesofnetwork Eyesofnetwork 5.3-0
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2020-8656
An issue exists in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthenticated malicious user to perform various tasks such as authentication bypass via the username field to getApiKey in include/api_functions.php.
Eyesofnetwork Eyesofnetwork 5.3-0
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2020-8657
An issue exists in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include/api_functions.php for API version 2.4.2) by default for all installations, hence allowing an malicious user to calculate/guess the admin access token.
Eyesofnetwork Eyesofnetwork 5.3-0
1 EDB exploit
6.5
CVSSv2
CVE-2019-14923
EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field.
Eyesofnetwork Eyesofnetwork 5.1-0
6.5
CVSSv2
CVE-2017-15933
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacity_per_device/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
NA
CVE-2022-41432
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/report_event/index.php.
Eyesofnetwork Web Interface 5.3
NA
CVE-2022-41434
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /lilac/main.php.
Eyesofnetwork Web Interface 5.3
NA
CVE-2022-41433
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/admin_bp/add_application.php.
Eyesofnetwork Web Interface 5.3
6.5
CVSSv2
CVE-2017-6087
EyesOfNetwork ("EON") 5.0 and previous versions allows remote authenticated users to execute arbitrary code via shell metacharacters in the selected_events[] parameter in the (1) acknowledge, (2) delete, or (3) ownDisown function in module/monitoring_ged/ged_functions.p...
Eonweb Project Eonweb
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3581
reflected XSS
CVE-2024-26925
CVE-2024-27956
LFI
CVE-2024-3607
CVE-2024-3107
CVE-2024-3295
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4