CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key hardcoded as EONAPIKEY in include/apifunctions.php for API version 2.4.2 by default for all installations, hence allowing an attacker to calculate/guess the admin access token...

9.8CVSS6.7AI score0.91874EPSS

Exploits4References1

Vulnrichment•added 2022/09/27 1:53 a.m.•9 views

CVE-2022-41570

An issue was discovered in EyesOfNetwork EON through 5.3.11. Unauthenticated SQL injection can occur...

7.8AI score0.00652EPSS

Exploits0References1

Positive Technologies•added 2022/09/27 12:0 a.m.•8 views

PT-2022-25945 · Unknown · Eyesofnetwork

Name of the Vulnerable Software and Affected Versions: EyesOfNetwork EON versions 5.3.11 and earlier Description: An issue allows unauthenticated SQL injection to occur. Recommendations: For EyesOfNetwork EON versions 5.3.11 and earlier, at the moment, there is no information about a newer versio...

9.8CVSS9.8AI score0.00652EPSS

Exploits0References5

Positive Technologies•added 2022/09/27 12:0 a.m.•6 views

PT-2022-25946 · Unknown · Eyesofnetwork

Name of the Vulnerable Software and Affected Versions: EyesOfNetwork EON versions 5.3.11 and earlier Description: An issue was discovered that allows local file inclusion to occur. Recommendations: For EyesOfNetwork EON versions 5.3.11 and earlier, at the moment, there is no information about a...

9.8CVSS9AI score0.00794EPSS

Exploits0References5

NVD•added 2021/02/22 12:15 a.m.•15 views

CVE-2021-27514

EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might be leveraged for brute-force authentication bypass such as in CVE-2021-27513 exploitation...

9.8CVSS0.03548EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by