Show filters
20 Total Results
Displaying 1-10 of 20
Sort by:
Attacker Value
Unknown

CVE-2019-14923

Disclosure Date: August 16, 2019 (last updated November 27, 2024)
EyesOfNetwork 5.1 allows Remote Command Execution via shell metacharacters in the module/tool_all/ host field.
0
0
Attacker Value
Unknown

CVE-2017-16000

Disclosure Date: October 29, 2017 (last updated November 26, 2024)
SQL injection vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the graph parameter to module/capacity_per_label/index.php.
0
0
Attacker Value
Unknown

CVE-2017-15933

Disclosure Date: October 27, 2017 (last updated November 26, 2024)
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the host parameter to module/capacity_per_device/index.php.
0
0
Attacker Value
Unknown

CVE-2017-15880

Disclosure Date: October 24, 2017 (last updated November 26, 2024)
SQL injection vulnerability vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to execute arbitrary SQL commands via the group_name parameter to module/admin_group/add_modify_group.php (for insert_group and update_group).
0
0
Attacker Value
Unknown

CVE-2017-15188

Disclosure Date: October 11, 2017 (last updated November 26, 2024)
A persistent (stored) XSS vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the hosts array parameter to module/admin_device/index.php.
0
0
Attacker Value
Unknown

CVE-2017-14983

Disclosure Date: October 03, 2017 (last updated November 26, 2024)
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated administrators to inject arbitrary web script or HTML via the object parameter to module/admin_conf/index.php.
0
0
Attacker Value
Unknown

CVE-2017-14985

Disclosure Date: October 03, 2017 (last updated November 26, 2024)
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the url parameter to module/module_frame/index.php.
0
0
Attacker Value
Unknown

CVE-2017-14984

Disclosure Date: October 03, 2017 (last updated November 26, 2024)
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the bp_name parameter to /module/admin_bp/add_services.php.
0
0
Attacker Value
Unknown

CVE-2017-14753

Disclosure Date: September 27, 2017 (last updated November 26, 2024)
Cross-site scripting (XSS) vulnerability in the EyesOfNetwork web interface (aka eonweb) 5.1-0 allows remote authenticated users to inject arbitrary web script or HTML via the filter parameter to module/module_filters/index.php.
0
0
Attacker Value
Unknown

CVE-2017-14404

Disclosure Date: September 13, 2017 (last updated November 26, 2024)
The EyesOfNetwork web interface (aka eonweb) 5.1-0 allows local file inclusion via the tool_list parameter (aka the url_tool variable) to module/tool_all/select_tool.php, as demonstrated by a tool_list=php://filter/ substring.
0
0
View More Topics  Next >