Eyesofnetwork Eonweb
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Eyesofnetwork Eonweb.
By the Year
In 2026 there have been 0 vulnerabilities in Eyesofnetwork Eonweb. Eonweb did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 0 | 0.00 |
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 7 | 9.05 |
It may take a day or so for new Eonweb vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Eyesofnetwork Eonweb Security Vulnerabilities
An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8
CVE-2020-27886
9.8 - Critical
- October 29, 2020
An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to exploit the username_available function of the includes/functions.php file (which is called by login.php).
SQL Injection
An issue was discovered in EyesOfNetwork 5.3 through 5.3-8
CVE-2020-27887
8.8 - High
- October 29, 2020
An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the nmap_binary parameter to lilac/autodiscovery.php.
Shell injection
An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3
CVE-2020-9465
- February 28, 2020
An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the user_id field in a cookie.
An issue was discovered in EyesOfNetwork 5.3
CVE-2020-8654
- February 07, 2020
An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the /module/module_frame/index.php autodiscovery.php target field.
An issue was discovered in EyesOfNetwork 5.3
CVE-2020-8655
7.8 - High
- February 07, 2020
An issue was discovered in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7.
Improper Privilege Management
An issue was discovered in EyesOfNetwork 5.3
CVE-2020-8656
- February 07, 2020
An issue was discovered in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the username field to getApiKey in include/api_functions.php.
An issue was discovered in EyesOfNetwork 5.3
CVE-2020-8657
9.8 - Critical
- February 06, 2020
An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include/api_functions.php for API version 2.4.2) by default for all installations, hence allowing an attacker to calculate/guess the admin access token.
Use of Hard-coded Credentials
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Eyesofnetwork Eonweb or by Eyesofnetwork? Click the Watch button to subscribe.
