Vulnerabilities > Eyesofnetwork > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-11-08 CVE-2022-41432 Cross-site Scripting vulnerability in Eyesofnetwork web Interface 5.3
EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/report_event/index.php.
network
low complexity
eyesofnetwork CWE-79
4.8
2022-11-08 CVE-2022-41433 Cross-site Scripting vulnerability in Eyesofnetwork web Interface 5.3
EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/admin_bp/add_application.php.
network
low complexity
eyesofnetwork CWE-79
4.8
2022-11-08 CVE-2022-41434 Cross-site Scripting vulnerability in Eyesofnetwork web Interface 5.3
EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /lilac/main.php.
network
low complexity
eyesofnetwork CWE-79
6.1
2022-02-25 CVE-2022-24612 Cross-site Scripting vulnerability in Eyesofnetwork 5.311
An authenticated user can upload an XML file containing an XSS via the ITSM module of EyesOfNetwork 5.3.11, resulting in a stored XSS.
network
low complexity
eyesofnetwork CWE-79
5.4
2020-08-27 CVE-2020-24390 Cross-site Scripting vulnerability in Eyesofnetwork
eonweb in EyesOfNetwork before 5.3-7 does not properly escape the username on the /module/admin_logs page, which might allow pre-authentication stored XSS during login/logout logs recording.
network
low complexity
eyesofnetwork CWE-79
6.1
2017-10-11 CVE-2017-15188 Cross-site Scripting vulnerability in Eyesofnetwork 5.10
A persistent (stored) XSS vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the hosts array parameter to module/admin_device/index.php.
network
low complexity
eyesofnetwork CWE-79
4.8
2017-10-03 CVE-2017-14985 Cross-site Scripting vulnerability in Eyesofnetwork 5.10
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the url parameter to module/module_frame/index.php.
network
low complexity
eyesofnetwork CWE-79
5.4
2017-10-03 CVE-2017-14984 Cross-site Scripting vulnerability in Eyesofnetwork 5.10
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the bp_name parameter to /module/admin_bp/add_services.php.
network
low complexity
eyesofnetwork CWE-79
5.4
2017-10-03 CVE-2017-14983 Cross-site Scripting vulnerability in Eyesofnetwork 5.10
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the object parameter to module/admin_conf/index.php.
network
low complexity
eyesofnetwork CWE-79
4.8
2017-09-27 CVE-2017-14753 Cross-site Scripting vulnerability in Eyesofnetwork 5.10
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the filter parameter to module/module_filters/index.php.
network
low complexity
eyesofnetwork CWE-79
5.4