CVE-2024-53544
Severity CVSS v4.0:
Pending analysis
Type:
CWE-89
SQL Injection
Publication date:
24/02/2025
Last modified:
25/02/2025
Description
NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the getCookieNames method in the smarttimeplus/MySQLConnection endpoint.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL