Lucene search
K

7 matches found

OSV
OSV
added 2021/02/22 12:15 a.m.18 views

CVE-2021-27513

The module adminITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside."...

8.8CVSS9.1AI score
Exploits0References2
Cvelist
Cvelist
added 2020/10/29 6:26 p.m.16 views

CVE-2020-27887

An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the nmapbinary parameter to lilac/autodiscovery.php...

9.1AI score0.01744EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2020/02/07 12:0 a.m.21 views

CVE-2020-8655

An issue was discovered in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assess...

9.3CVSS7.8AI score0.58076EPSS
In wildExploits9References4
0day.today
0day.today
added 2020/02/07 12:0 a.m.89 views

EyesOfNetwork 5.3 Remote Code Execution Exploit

Exploit for php platform in category web applications Exploit Title: EyesOfNetwork 5.3 - Remote Code Execution Exploit Author: Clément Billac Vendor Homepage: https://www.eyesofnetwork.com/ Software Link: http://download.eyesofnetwork.com/EyesOfNetwork-5.3-x8664-bin.iso Version: 5.3 CVE :...

9.3CVSS0.85646EPSS
Exploits11
Cvelist
Cvelist
added 2020/02/06 11:58 p.m.19 views

CVE-2020-8655

An issue was discovered in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7...

8.3AI score0.58076EPSS
Exploits9References3
Prion
Prion
added 2020/02/06 6:15 p.m.25 views

Hardcoded credentials

An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key hardcoded as EONAPIKEY in include/apifunctions.php for API version 2.4.2 by default for all installations, hence allowing an attacker to calculate/guess the admin access token...

5CVSS9.3AI score0.91874EPSS
Exploits4References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2020/02/06 12:0 a.m.20 views

CVE-2020-8657

An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key hardcoded as EONAPIKEY in include/apifunctions.php for API version 2.4.2 by default for all installations, hence allowing an attacker to calculate/guess the admin access token. Recent assessments: Assessed Attack...

9.8CVSS4.5AI score0.91874EPSS
In wildExploits4References3
Rows per page
Query Builder