Vulnerability Details CVE-2020-9465
An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the user_id field in a cookie.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.828
EPSS Ranking 99.2%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2020-9465
-
cpe:2.3:a:eyesofnetwork:eyesofnetwork:5.1
-
cpe:2.3:a:eyesofnetwork:eyesofnetwork:5.1-0
-
cpe:2.3:a:eyesofnetwork:eyesofnetwork:5.2-0
-
cpe:2.3:a:eyesofnetwork:eyesofnetwork:5.3
-
cpe:2.3:a:eyesofnetwork:eyesofnetwork:5.3-0
-
cpe:2.3:a:eyesofnetwork:eyesofnetwork:5.3-1
-
cpe:2.3:a:eyesofnetwork:eyesofnetwork:5.3-2