IDERA Uptime Monitor 7.8 has SQL injection in /gadgets/definitions/uptime.CapacityWhatifGadget/getxenmetrics.php via the element parameter.Referenceshttps://blogs.securiteam.com/index.php/archives/3223#more-3223
