{"id":"CVE-2020-9465","details":"An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the user_id field in a cookie.","modified":"2026-04-10T04:28:42.810442Z","published":"2020-02-28T20:15:11.787Z","references":[{"type":"ADVISORY","url":"https://github.com/EyesOfNetworkCommunity/eonweb/releases/tag/5.3-3"},{"type":"EVIDENCE","url":"https://github.com/EyesOfNetworkCommunity/eonweb/issues/51"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/eyesofnetworkcommunity/eonweb","events":[{"introduced":"2251697fce862458296fd614ba8a28ab90cbe493"},{"fixed":"e54111675532c29f00e17b1732a3f7a098496cf2"}],"database_specific":{"versions":[{"introduced":"5.1"},{"fixed":"5.3-3"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-9465.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}