Multiple SQL Injection Vulnerabilities in EyesOfNetwork (EON) 5.0 and Earlier
CVE-2017-6088 · HIGH Severity
AV:N/AC:L/AU:S/C:C/I:C/A:C
Multiple SQL injection vulnerabilities in EyesOfNetwork (aka EON) 5.0 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) bp_name, (2) display, (3) search, or (4) equipment parameter to module/monitoring_ged/ged_functions.php or the (5) type parameter to monitoring_ged/ajax.php.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.