Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
eyesofnetwork eyesofnetwork 5.1-0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2017-14118
In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all\tools\interface.php does not properly restrict exec calls, which allows remote malicious users to execute arbitrary commands via shell metacharacters in the host_list parameter to module/tool_all/select_tool.p...
Eyesofnetwork Eyesofnetwork 5.1-0
8.8
CVSSv3
CVE-2017-14119
In the EyesOfNetwork web interface (aka eonweb) 5.1-0, module\tool_all\tools\snmpwalk.php does not properly restrict popen calls, which allows remote malicious users to execute arbitrary commands via shell metacharacters in a parameter.
Eyesofnetwork Eyesofnetwork 5.1-0
5.4
CVSSv3
CVE-2017-14753
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the filter parameter to module/module_filters/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
7.2
CVSSv3
CVE-2017-15880
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the group_name parameter to module/admin_group/add_modify_group.php (for insert_group and update_group)...
Eyesofnetwork Eyesofnetwork 5.1-0
7.2
CVSSv3
CVE-2017-15933
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacity_per_device/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
4.8
CVSSv3
CVE-2017-14983
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the object parameter to module/admin_conf/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
5.4
CVSSv3
CVE-2017-14985
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the url parameter to module/module_frame/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
9.8
CVSSv3
CVE-2017-14401
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT UPDATE" section.
Eyesofnetwork Eyesofnetwork 5.1-0
9.8
CVSSv3
CVE-2017-14403
The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the term parameter to module/admin_group/search.php.
Eyesofnetwork Eyesofnetwork 5.1-0
4.8
CVSSv3
CVE-2017-15188
A persistent (stored) XSS vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the hosts array parameter to module/admin_device/index.php.
Eyesofnetwork Eyesofnetwork 5.1-0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
firewall
CVE-2024-35649
stored XSS
CVE-2022-28654
CVE-2020-35153
CVE-2024-27348
CVE-2022-28652
local users
CVE-2017-3506
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »