Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyesofnetwork vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-8656
An issue exists in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthenticated malicious user to perform various tasks such as authentication bypass via the username field to getApiKey in include/api_functions.php.
Eyesofnetwork Eyesofnetwork 5.3-0
1 EDB exploit
1 Github repository
7.5
CVSSv2
CVE-2017-14252
SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the group_id cookie to side.php.
Eyesofnetwork Eyesofnetwork 5.1-0
7.5
CVSSv2
CVE-2017-14401
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT UPDATE" section.
Eyesofnetwork Eyesofnetwork 5.1-0
7.5
CVSSv2
CVE-2017-14403
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the term parameter to module/admin_group/search.php.
Eyesofnetwork Eyesofnetwork 5.1-0
5
CVSSv2
CVE-2017-14404
The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows local file inclusion via the tool_list parameter (aka the url_tool variable) to module/tool_all/select_tool.php, as demonstrated by a tool_list=php://filter/ substring.
Eyesofnetwork Eyesofnetwork 5.1-0
6.5
CVSSv2
CVE-2017-14405
The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote command execution via shell metacharacters in a hosts_cacti array parameter to module/admin_device/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
NA
CVE-2022-41433
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/admin_bp/add_application.php.
Eyesofnetwork Web Interface 5.3
NA
CVE-2022-41434
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /lilac/main.php.
Eyesofnetwork Web Interface 5.3
NA
CVE-2022-41432
EyesOfNetwork Web Interface v5.3 exists to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/report_event/index.php.
Eyesofnetwork Web Interface 5.3
6.5
CVSSv2
CVE-2017-6087
EyesOfNetwork ("EON") 5.0 and previous versions allows remote authenticated users to execute arbitrary code via shell metacharacters in the selected_events[] parameter in the (1) acknowledge, (2) delete, or (3) ownDisown function in module/monitoring_ged/ged_functions.p...
Eonweb Project Eonweb
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4