Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/07/18 9:58 p.m.24 views

CVE-2025-34121

An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station versions up to and including 7.2. The wizards/post2file.php script accepts arbitrary POST parameters, allowing attackers to upload crafted PHP files to the webroot. Successful exploitation results in...

9.8CVSS8.6AI score0.11904EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/07/16 9:6 p.m.6 views

CVE-2025-34121 Idera Up.Time ≤ 7.2 post2file.php Arbitrary File Upload RCE

An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station versions up to and including 7.2. The wizards/post2file.php script accepts arbitrary POST parameters, allowing attackers to upload crafted PHP files to the webroot. Successful exploitation results in...

9.3CVSS8.5AI score0.01682EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.6 views

PT-2025-29884 · Idera · Idera Up.Time Monitoring Station

Name of the Vulnerable Software and Affected Versions: Idera Up.Time Monitoring Station versions up to and including 7.2 Description: An unauthenticated arbitrary file upload issue exists. The wizards/post2file.php script accepts arbitrary POST parameters, allowing attackers to upload crafted PHP...

9.3CVSS10AI score0.01682EPSS
Exploits0References8
0day.today
0day.today
added 2015/11/14 12:0 a.m.31 views

Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload Exploit

This Metasploit module exploits an arbitrary file upload vulnerability found within the Up.Time monitoring server 7.2 and below. A malicious entity can upload a PHP file into the webroot without authentication, leading to arbitrary code execution. Although the vendor fixed Up.Time to prevent this...

7.8AI score
Exploits0
Packet Storm
Packet Storm
added 2015/11/13 12:0 a.m.36 views

Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload Version 2

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'nokogiri' class Metasploit4 'Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload', 'Description' = %q This module exploit...

0.3AI score
Exploits0
Rows per page
Query Builder