CVE Tools

eyesofnetwork

Unclassifiedunknown

29

Cumulative CVEs

6

Monthly snapshots

#33

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting eyesofnetwork.

CVE-2022-41572An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Privilege escalation can be accomplished on the server because nmap can be run as root. The attacker achieves total control over the s...9.8Jan 7, 2025
CVE-2022-41434EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /lilac/main.php.6.1Nov 8, 2022
CVE-2022-41433EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/admin_bp/add_application.php.4.8Nov 8, 2022
CVE-2022-41432EyesOfNetwork Web Interface v5.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /module/report_event/index.php.4.8Nov 8, 2022
CVE-2022-41571An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Local file inclusion can occur.9.8Sep 27, 2022
CVE-2022-41570An issue was discovered in EyesOfNetwork (EON) through 5.3.11. Unauthenticated SQL injection can occur.9.8Sep 27, 2022
CVE-2021-40643EyesOfNetwork before 07-07-2021 has a Remote Code Execution vulnerability on the mail options configuration page. In the location of the "sendmail" application in the "cacti" configuration page (by...9.8Jun 30, 2022
CVE-2022-24612An authenticated user can upload an XML file containing an XSS via the ITSM module of EyesOfNetwork 5.3.11, resulting in a stored XSS.5.4Feb 25, 2022
CVE-2020-8657Уязвимость программного средства мониторинга систем и сетей EyesOfNetwork (EON), связанная с использованием предустановленных учетных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации и повысить свои привилегии9.8Dec 1, 2021
CVE-2020-8655Уязвимость компонента /etc/sudoers программного средства мониторинга систем и сетей EyesOfNetwork (EON), позволяющая нарушителю повысить свои привилегии и выполнить произвольные команды8.8Dec 1, 2021
CVE-2021-33525EyesOfNetwork eonweb through 5.3-11 allows Remote Command Execution (by authenticated users) via shell metacharacters in the nagios_path parameter to lilac/export.php, as demonstrated by %26%26+cur...8.8May 24, 2021
CVE-2021-27513The module admin_ITSM in EyesOfNetwork 5.3-10 allows remote authenticated users to upload arbitrary .xml.php files because it relies on "le filtre userside."8.8Feb 21, 2021
CVE-2021-27514EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might be leveraged for brute-force authentication bypass (such as in CVE-2021-27513 exploitation).9.8Feb 21, 2021
CVE-2020-27887An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the nmap_binar...8.8Oct 29, 2020
CVE-2020-27886An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to exploit the username_available fun...9.8Oct 29, 2020