CVE-2017-14401

The EyesOfNetwork web interface (aka eonweb) 5.1-0 has SQL injection via the user_name parameter to module/admin_user/add_modify_user.php in the "ACCOUNT UPDATE" section.

Date published : 2017-09-12

http://www.sstrunk.com/cve/module_admin_user_add_modify_user.html