Vulnerabilities > Idera > Uptime Infrastructure Monitor > High

DATE CVE VULNERABILITY TITLE RISK
2018-08-27 CVE-2015-9263 Unrestricted Upload of File with Dangerous Type vulnerability in Idera Uptime Infrastructure Monitor 7.4.0/7.5.0
An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 (build 16) and 7.4.0 (build 13).
network
low complexity
idera CWE-434
7.5
2017-07-20 CVE-2017-11471 SQL Injection vulnerability in Idera Uptime Infrastructure Monitor 7.8
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter.
network
low complexity
idera CWE-89
7.5
2017-07-20 CVE-2017-11470 SQL Injection vulnerability in Idera Uptime Infrastructure Monitor 7.8
IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter.
network
low complexity
idera CWE-89
7.5
2015-12-31 CVE-2015-2895 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Idera Uptime Infrastructure Monitor 7.4
Buffer overflow in the up.time client in Idera Uptime Infrastructure Monitor 7.4 might allow remote attackers to execute arbitrary code via long command input.
network
low complexity
idera CWE-119
7.5