Vulnerabilities > Eyesofnetwork

DATE	CVE	VULNERABILITY TITLE	RISK
2017-10-27	CVE-2017-15933	SQL Injection vulnerability in Eyesofnetwork 5.10 SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacity_per_device/index.php. network low complexity eyesofnetwork CWE-89	7.2
2017-10-24	CVE-2017-15880	SQL Injection vulnerability in Eyesofnetwork 5.10 SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the group_name parameter to module/admin_group/add_modify_group.php (for insert_group and update_group). network low complexity eyesofnetwork CWE-89	7.2
2017-10-11	CVE-2017-15188	Cross-site Scripting vulnerability in Eyesofnetwork 5.10 A persistent (stored) XSS vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the hosts array parameter to module/admin_device/index.php. network low complexity eyesofnetwork CWE-79	4.8
2017-10-03	CVE-2017-14985	Cross-site Scripting vulnerability in Eyesofnetwork 5.10 Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the url parameter to module/module_frame/index.php. network low complexity eyesofnetwork CWE-79	5.4
2017-10-03	CVE-2017-14984	Cross-site Scripting vulnerability in Eyesofnetwork 5.10 Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the bp_name parameter to /module/admin_bp/add_services.php. network low complexity eyesofnetwork CWE-79	5.4
2017-10-03	CVE-2017-14983	Cross-site Scripting vulnerability in Eyesofnetwork 5.10 Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the object parameter to module/admin_conf/index.php. network low complexity eyesofnetwork CWE-79	4.8
2017-09-27	CVE-2017-14753	Cross-site Scripting vulnerability in Eyesofnetwork 5.10 Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the filter parameter to module/module_filters/index.php. network low complexity eyesofnetwork CWE-79	5.4
2017-09-13	CVE-2017-14405	OS Command Injection vulnerability in Eyesofnetwork 5.10 The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote command execution via shell metacharacters in a hosts_cacti array parameter to module/admin_device/index.php. network low complexity eyesofnetwork CWE-78	7.2
2017-09-13	CVE-2017-14404	Information Exposure vulnerability in Eyesofnetwork 5.10 The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows local file inclusion via the tool_list parameter (aka the url_tool variable) to module/tool_all/select_tool.php, as demonstrated by a tool_list=php://filter/ substring. network low complexity eyesofnetwork CWE-200	7.5
2017-09-13	CVE-2017-14403	SQL Injection vulnerability in Eyesofnetwork 5.10 The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the term parameter to module/admin_group/search.php. network low complexity eyesofnetwork CWE-89 critical	9.8

Vulnerabilities > Eyesofnetwork {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Eyesofnetwork"}]}

Vulnerabilities > Eyesofnetwork