7 matches found
EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution
EyesOfNetwork 5.1 to 5.3 contains SQL injection and remote code execution vulnerabilities. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. See also CVE-2020-8655,...
CVE-2020-9465
An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the userid field in a cookie...
Exploit for OS Command Injection in Eyesofnetwork
This is an exploit module for EyesOfNetwork 5.1 to 5.3, a network monitoring and management tool. The exploit targets three vulnerabilities: CVE-2020-8654, CVE-2020-8655, and CVE-2020-9465. CVE-2020-8654 is a discovery module that allows arbitrary OS commands to be run. The exploit uses the targe...
SQL Injection Over HTTP Traffic (CVE-2020-11530; CVE-2020-17463; CVE-2020-17506; CVE-2020-25990; CVE-2020-27481; CVE-2020-5766; CVE-2020-8655; CVE-2020-8656; CVE-2020-9465)
SQL Injection Over HTTP Traffic...
Eyes Of Network (EON) 5.1 < 5.3-3 SQLi Vulnerability - Active Check
Eyes Of Network EON is prone to an unauthenticated SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2020-9465
creationtimestamp| type| source ---|---|--- 2020-03-02 21:31:51+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/eyesofnetworkautodiscoveryrce.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:32+00:00...
CVE-2020-9465
EyesOfNetwork eonweb versions 5.1–5.3 (pre-5.3-3) contain a SQL injection in the API getApiKey function (username field) allowing unauthenticated access; exploitation is demonstrated in various advisories and modules (e.g., Metasploit exploit for EyesOfNetwork Autodiscovery). The issue can lead t...