Lucene search
K

7 matches found

Nuclei
Nuclei
added 4 days ago171 views

EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution

EyesOfNetwork 5.1 to 5.3 contains SQL injection and remote code execution vulnerabilities. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. See also CVE-2020-8655,...

9.8CVSS7.4AI score0.91874EPSS
Exploits13References5
RedhatCVE
RedhatCVE
added 2025/05/22 3:43 p.m.9 views

CVE-2020-9465

An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the userid field in a cookie...

9.8CVSS7.8AI score0.82244EPSS
Exploits3References1
Gitee
Gitee
added 2021/10/02 2:45 p.m.8 views

Exploit for OS Command Injection in Eyesofnetwork

This is an exploit module for EyesOfNetwork 5.1 to 5.3, a network monitoring and management tool. The exploit targets three vulnerabilities: CVE-2020-8654, CVE-2020-8655, and CVE-2020-9465. CVE-2020-8654 is a discovery module that allows arbitrary OS commands to be run. The exploit uses the targe...

9.8CVSS8.2AI score0.85646EPSS
Exploits11
Check Point Advisories
Check Point Advisories
added 2020/11/18 12:0 a.m.55 views

SQL Injection Over HTTP Traffic (CVE-2020-11530; CVE-2020-17463; CVE-2020-17506; CVE-2020-25990; CVE-2020-27481; CVE-2020-5766; CVE-2020-8655; CVE-2020-8656; CVE-2020-9465)

SQL Injection Over HTTP Traffic...

9.3CVSS0.9AI score0.95657EPSS
Exploits38
OpenVAS
OpenVAS
added 2020/03/04 12:0 a.m.25 views

Eyes Of Network (EON) 5.1 < 5.3-3 SQLi Vulnerability - Active Check

Eyes Of Network EON is prone to an unauthenticated SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS9.7AI score0.82244EPSS
Exploits3References2
Circl
Circl
added 2020/03/02 9:31 p.m.10 views

CVE-2020-9465

creationtimestamp| type| source ---|---|--- 2020-03-02 21:31:51+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/eyesofnetworkautodiscoveryrce.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:32+00:00...

9.8CVSS7.8AI score0.82244EPSS
Exploits3References1
CVE
CVE
added 2020/02/28 7:32 p.m.130 views

CVE-2020-9465

EyesOfNetwork eonweb versions 5.1–5.3 (pre-5.3-3) contain a SQL injection in the API getApiKey function (username field) allowing unauthenticated access; exploitation is demonstrated in various advisories and modules (e.g., Metasploit exploit for EyesOfNetwork Autodiscovery). The issue can lead t...

9.8CVSS9.8AI score0.82244EPSS
Exploits3References2Affected Software1
Rows per page
Query Builder