Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyesofnetwork vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2017-15933
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacity_per_device/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
580
VMScore
CVE-2021-27513
The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside."
Eyesofnetwork Eyesofnetwork 5.3-10
2 Github repositories
445
VMScore
CVE-2017-13780
The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows directory traversal attacks for reading arbitrary files via the module/admin_conf/download.php file parameter.
Eyesofnetwork Eyesofnetwork 5.1-0
578
VMScore
CVE-2017-14119
In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all\tools\snmpwalk.php does not properly restrict popen calls, which allows remote malicious users to execute arbitrary commands via shell metacharacters in a parameter.
Eyesofnetwork Eyesofnetwork 5.1-0
312
VMScore
CVE-2022-24612
An authenticated user can upload an XML file containing an XSS via the ITSM module of EyesOfNetwork 5.3.11, resulting in a stored XSS.
Eyesofnetwork Eyesofnetwork 5.3-11
905
VMScore
CVE-2020-8654
An issue exists in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the /module/module_frame/index.php autodiscovery.php target field.
Eyesofnetwork Eyesofnetwork 5.3-0
1 EDB exploit
1 Github repository
755
VMScore
CVE-2020-8656
An issue exists in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthenticated malicious user to perform various tasks such as authentication bypass via the username field to getApiKey in include/api_functions.php.
Eyesofnetwork Eyesofnetwork 5.3-0
1 EDB exploit
1 Github repository
668
VMScore
CVE-2017-14247
SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the user_id cookie to header.php, a related issue to CVE-2017-1000060.
Eyesofnetwork Eyesofnetwork 5.1-0
668
VMScore
CVE-2017-14252
SQL Injection exists in the EyesOfNetwork web interface (aka eonweb) 5.1-0 via the group_id cookie to side.php.
Eyesofnetwork Eyesofnetwork 5.1-0
668
VMScore
CVE-2017-14403
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the term parameter to module/admin_group/search.php.
Eyesofnetwork Eyesofnetwork 5.1-0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »