Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyesofnetwork eyesofnetwork vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2017-14985
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the url parameter to module/module_frame/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
3.5
CVSSv2
CVE-2022-24612
An authenticated user can upload an XML file containing an XSS via the ITSM module of EyesOfNetwork 5.3.11, resulting in a stored XSS.
Eyesofnetwork Eyesofnetwork 5.3-11
3.5
CVSSv2
CVE-2017-15188
A persistent (stored) XSS vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the hosts array parameter to module/admin_device/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
5
CVSSv2
CVE-2017-13780
The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows directory traversal attacks for reading arbitrary files via the module/admin_conf/download.php file parameter.
Eyesofnetwork Eyesofnetwork 5.1-0
6.5
CVSSv2
CVE-2021-27513
The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside."
Eyesofnetwork Eyesofnetwork 5.3-10
2 Github repositories
7.5
CVSSv2
CVE-2021-27514
EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might be leveraged for brute-force authentication bypass (such as in CVE-2021-27513 exploitation).
Eyesofnetwork Eyesofnetwork 5.3-10
2 Github repositories
NA
CVE-2022-41433
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/admin_bp/add_application.php.
Eyesofnetwork Web Interface 5.3
NA
CVE-2022-41434
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /lilac/main.php.
Eyesofnetwork Web Interface 5.3
NA
CVE-2022-41432
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/report_event/index.php.
Eyesofnetwork Web Interface 5.3
6.5
CVSSv2
CVE-2017-6087
EyesOfNetwork ("EON") 5.0 and previous versions allows remote authenticated users to execute arbitrary code via shell metacharacters in the selected_events[] parameter in the (1) acknowledge, (2) delete, or (3) ownDisown function in module/monitoring_ged/ged_functions.p...
Eonweb Project Eonweb
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4