Vulnerabilities > Eyesofnetwork

DATE CVE VULNERABILITY TITLE RISK
2020-10-29 CVE-2020-27887 OS Command Injection vulnerability in Eyesofnetwork Eonweb
An issue was discovered in EyesOfNetwork 5.3 through 5.3-8.
network
low complexity
eyesofnetwork CWE-78
critical
9.0
2020-10-29 CVE-2020-27886 SQL Injection vulnerability in Eyesofnetwork Eonweb 5.37/5.38
An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8.
network
low complexity
eyesofnetwork CWE-89
7.5
2020-08-27 CVE-2020-24390 Cross-site Scripting vulnerability in Eyesofnetwork 5.0
eonweb in EyesOfNetwork before 5.3-7 does not properly escape the username on the /module/admin_logs page, which might allow pre-authentication stored XSS during login/logout logs recording.
4.3
2020-02-28 CVE-2020-9465 SQL Injection vulnerability in Eyesofnetwork Eonweb
An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3.
network
low complexity
eyesofnetwork CWE-89
7.5
2020-02-07 CVE-2020-8656 SQL Injection vulnerability in Eyesofnetwork 5.30
An issue was discovered in EyesOfNetwork 5.3.
network
low complexity
eyesofnetwork CWE-89
7.5
2020-02-07 CVE-2020-8655 Improper Privilege Management vulnerability in Eyesofnetwork 5.30
An issue was discovered in EyesOfNetwork 5.3.
network
eyesofnetwork CWE-269
critical
9.3
2020-02-07 CVE-2020-8654 OS Command Injection vulnerability in Eyesofnetwork 5.30
An issue was discovered in EyesOfNetwork 5.3.
network
low complexity
eyesofnetwork CWE-78
critical
9.0
2020-02-06 CVE-2020-8657 Use of Hard-coded Credentials vulnerability in Eyesofnetwork 5.30
An issue was discovered in EyesOfNetwork 5.3.
network
low complexity
eyesofnetwork CWE-798
5.0
2019-08-16 CVE-2019-14923 OS Command Injection vulnerability in Eyesofnetwork 5.10
EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field.
network
low complexity
eyesofnetwork CWE-78
6.5
2017-10-29 CVE-2017-16000 SQL Injection vulnerability in Eyesofnetwork 5.10
SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php.
network
low complexity
eyesofnetwork CWE-89
6.5