2 matches found
EyesOfNetwork web interface 'tool_list' parameter file inclusion vulnerability
EyesOfNetwork EON is an open source, free IT monitoring solution. The solution provides business process configuration tools, generating pop-up windows when events occur in the active queue, etc. EyesOfNetwork web interface aka eonweb is one of the web interfaces. A security vulnerability exists ...
Code injection
The EyesOfNetwork web interface aka eonweb 5.1-0 allows local file inclusion via the toollist parameter aka the urltool variable to module/toolall/selecttool.php, as demonstrated by a toollist=php://filter/ substring...