Vulnerabilities > Eyesofnetwork
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-10-29 | CVE-2020-27887 | OS Command Injection vulnerability in Eyesofnetwork An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. | 8.8 |
2020-10-29 | CVE-2020-27886 | SQL Injection vulnerability in Eyesofnetwork 5.37/5.38 An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. | 9.8 |
2020-08-27 | CVE-2020-24390 | Cross-site Scripting vulnerability in Eyesofnetwork eonweb in EyesOfNetwork before 5.3-7 does not properly escape the username on the /module/admin_logs page, which might allow pre-authentication stored XSS during login/logout logs recording. | 6.1 |
2020-02-28 | CVE-2020-9465 | SQL Injection vulnerability in Eyesofnetwork An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. | 9.8 |
2020-02-07 | CVE-2020-8656 | SQL Injection vulnerability in Eyesofnetwork 5.30 An issue was discovered in EyesOfNetwork 5.3. | 9.8 |
2020-02-07 | CVE-2020-8655 | Improper Privilege Management vulnerability in Eyesofnetwork 5.30 An issue was discovered in EyesOfNetwork 5.3. | 7.8 |
2020-02-07 | CVE-2020-8654 | OS Command Injection vulnerability in Eyesofnetwork 5.30 An issue was discovered in EyesOfNetwork 5.3. | 8.8 |
2020-02-06 | CVE-2020-8657 | Use of Hard-coded Credentials vulnerability in Eyesofnetwork 5.30 An issue was discovered in EyesOfNetwork 5.3. | 9.8 |
2019-08-16 | CVE-2019-14923 | OS Command Injection vulnerability in Eyesofnetwork 5.10 EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field. | 8.8 |
2017-10-29 | CVE-2017-16000 | SQL Injection vulnerability in Eyesofnetwork 5.10 SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php. | 7.2 |