CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

IDERA Uptime Monitor is a cross-platform server monitoring software from IDERA. The software provides a server performance, availability and other indicators to collect, summarize and generate reports and other functions. An SQL injection vulnerability exists in the...

9.8CVSS10AI score0.01452EPSS

Exploits3References1

CNVD•added 2017/07/25 12:0 a.m.•1 views

IDERA Uptime Monitor SQL Injection Vulnerability

9.8CVSS10AI score0.01452EPSS

Exploits3References1

CNVD•added 2017/07/21 12:0 a.m.•1 views

IDERA Uptime Monitor Path Traversal Vulnerability

7.5CVSS7.8AI score0.07214EPSS

Exploits3References1

Prion•added 2017/07/20 4:29 a.m.•15 views

Sql injection

IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter...

7.5CVSS9.8AI score0.01452EPSS

Exploits3References1Affected Software1

Prion•added 2017/07/20 4:29 a.m.•12 views

Sql injection

IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter...

7.5CVSS9.8AI score0.01452EPSS

Exploits3References1Affected Software1

OSV•added 2017/07/20 4:29 a.m.•3 views

CVE-2017-11469

get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the filename parameter...

7.5CVSS5.8AI score0.07214EPSS

Exploits3References1

NVD•added 2017/07/20 4:29 a.m.•8 views

CVE-2017-11469

get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the filename parameter...

7.5CVSS7.6AI score0.07214EPSS

Exploits3References1

NVD•added 2017/07/20 4:29 a.m.•9 views

CVE-2017-11470

IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter...

9.8CVSS9.9AI score0.01452EPSS

Exploits3References1

OSV•added 2017/07/20 4:29 a.m.•1 views

CVE-2017-11470

IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter...

9.8CVSS5.8AI score

Exploits0References1

OSV•added 2017/07/20 4:29 a.m.•2 views

CVE-2017-11471

IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter...

9.8CVSS5.8AI score0.01452EPSS

Exploits3References1

NVD•added 2017/07/20 4:29 a.m.•11 views

CVE-2017-11471

IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter...

9.8CVSS9.9AI score0.01452EPSS

Exploits3References1

Prion•added 2017/07/20 4:29 a.m.•13 views

Directory traversal

get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the filename parameter...

5CVSS8AI score0.07214EPSS

Exploits3References1Affected Software1

Cvelist•added 2017/07/20 4:0 a.m.•22 views

CVE-2017-11471

IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatIfGadget/getmetrics.php via the element parameter...

10AI score0.01452EPSS

Exploits3References1

Cvelist•added 2017/07/20 4:0 a.m.•14 views

CVE-2017-11470

IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter...

10AI score0.01452EPSS

Exploits3References1

Cvelist•added 2017/07/20 4:0 a.m.•14 views

CVE-2017-11469

get2post.php in IDERA Uptime Monitor 7.8 has directory traversal in the filename parameter...

8.1AI score0.07214EPSS

Exploits3References1

CVE•added 2017/07/20 4:0 a.m.•55 views

CVE-2017-11470

CVE-2017-11470 affects IDERA Uptime Monitor 7.8. The vulnerability is an SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter. NVD lists CVSS v2 base 7.5 (HIGH) and CVSS v3 base 9.8 (CRITICAL). Exploitation status is not provided in the sou...

9.8CVSS9.8AI score0.01452EPSS

Exploits3References1Affected Software1

CVE•added 2017/07/20 4:0 a.m.•53 views

CVE-2017-11469

CVE-2017-11469 affects IDERA Uptime Monitor 7.8. get2post.php’s file_name parameter allows directory traversal, enabling reading arbitrary host files. This is a confirmed path traversal vulnerability, with the CNVD/NVD entries describing read access. No patch/versioned remediation is provided in ...

7.5CVSS8.6AI score0.07214EPSS

Exploits3References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by