EUVD-2015-9105

Malware in sbrugna...

CVE-2025-34121

An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station versions up to and including 7.2. The wizards/post2file.php script accepts arbitrary POST parameters, allowing attackers to upload crafted PHP files to the webroot. Successful exploitation results in...

CVE-2025-34121 Idera Up.Time ≤ 7.2 post2file.php Arbitrary File Upload RCE

An unauthenticated arbitrary file upload vulnerability exists in Idera Up.Time Monitoring Station versions up to and including 7.2. The wizards/post2file.php script accepts arbitrary POST parameters, allowing attackers to upload crafted PHP files to the webroot. Successful exploitation results in...

PT-2025-29884 · Idera · Idera Up.Time Monitoring Station

Name of the Vulnerable Software and Affected Versions: Idera Up.Time Monitoring Station versions up to and including 7.2 Description: An unauthenticated arbitrary file upload issue exists. The wizards/post2file.php script accepts arbitrary POST parameters, allowing attackers to upload crafted PHP...

Design/Logic Flaw

An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 build 16 and 7.4.0 build 13. It allows an attacker to upload an arbitrary file, such as a .php file that can execute arbitrary OS commands...

CVE-2015-9263

An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 build 16 and 7.4.0 build 13. It allows an attacker to upload an arbitrary file, such as a .php file that can execute arbitrary OS commands...

CVE-2015-9263

An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 build 16 and 7.4.0 build 13. It allows an attacker to upload an arbitrary file, such as a .php file that can execute arbitrary OS commands...

CVE-2015-9263

The CVE-2015-9263 entry concerns Idera Up.Time Monitoring Station (versions up to 7.5.0 build 16 and 7.4.0 build 13) where the post2file.php upload mechanism allows uploading arbitrary files (e.g., PHP) to the webroot. The underlying issue is an unauthenticated arbitrary file upload that can lead...

PT-2018-4572 · Uptime · Up.Time Monitoring Station

Name of the Vulnerable Software and Affected Versions: Up.Time Monitoring Station versions 7.4.0 build 13 through 7.5.0 build 16 Description: An issue in post2file.php allows an attacker to upload arbitrary files, including .php files that can execute arbitrary OS commands. Recommendations: For...

Idera Up.Time Monitoring Station 7.0 - 'post2file.php' Arbitrary File Upload (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload', 'Description' = %q This module exploits an arbitrary file...

Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload Exploit

This Metasploit module exploits an arbitrary file upload vulnerability found within the Up.Time monitoring server 7.2 and below. A malicious entity can upload a PHP file into the webroot without authentication, leading to arbitrary code execution. Although the vendor fixed Up.Time to prevent this...

Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload Version 1

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload', 'Description' = %q This module exploits an arbitrary file...

Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload Version 2

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'nokogiri' class Metasploit4 'Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload', 'Description' = %q This module exploit...

Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload

This module exploits an arbitrary file upload vulnerability found within the Up.Time monitoring server 7.2 and below. A malicious entity can upload a PHP file into the webroot without authentication, leading to arbitrary code execution. Although the vendor fixed Up.Time to prevent this...

Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload

This module exploits a vulnerability found in Uptime version 7.4.0 and 7.5.0. The vulnerability began as a classic arbitrary file upload vulnerability in post2file.php, which can be exploited by exploits/multi/http/uptimefileupload1.rb, but it was mitigated by the vendor. Although the mitigation ...

Up.Time Monitoring Station post2file.php Arbitrary File Upload

This Metasploit module exploits an arbitrary file upload vulnerability found within the Up.Time monitoring server 7.2 and below. A malicious entity can upload a PHP file into the webroot without authentication, leading to arbitrary code execution. This module requires Metasploit:...

Up.Time Monitoring Station post2file.php Arbitrary File Upload

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Up.Time Monitoring Station post2file.php Arbitrary File Upload', 'Description' = %q This module exploits an arbitrary file upload...