22 matches found
EUVD-2025-4264
Malicious code in bioql PyPI...
EUVD-2025-4261
Malicious code in bioql PyPI...
EUVD-2025-4260
Malicious code in bioql PyPI...
CVE-2024-53542
Incorrect access control in the component /iclock/Settings?restartNCS=1 of NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 allows attackers to arbitrarily restart the NCServiceManger via a crafted GET request...
CVE-2024-53544
NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the getCookieNames method in the smarttimeplus/MySQLConnection endpoint...
CVE-2024-53543
NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the addProject method in the smarttimeplus/MySQLConnection endpoint...
CVE-2024-53543
NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the addProject method in the smarttimeplus/MySQLConnection endpoint...
CVE-2024-53544
NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the getCookieNames method in the smarttimeplus/MySQLConnection endpoint...
CVE-2024-53542
Incorrect access control in the component /iclock/Settings?restartNCS=1 of NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 allows attackers to arbitrarily restart the NCServiceManger via a crafted GET request...
CVE-2024-53542
Incorrect access control in the component /iclock/Settings?restartNCS=1 of NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 allows attackers to arbitrarily restart the NCServiceManger via a crafted GET request...
NovaCHRON Zeitsysteme Smart Time Plus 安全漏洞
NovaCHRON Zeitsysteme Smart Time Plus is a time only management program from NovaCHRON Zeitsysteme. A security vulnerability exists in NovaCHRON Zeitsysteme Smart Time Plus versions prior to v8.x through v8.6, which stems from a SQL injection vulnerability in the getCookieNames method...
CVE-2024-53543
NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the addProject method in the smarttimeplus/MySQLConnection endpoint...
NovaCHRON Zeitsysteme Smart Time Plus 安全漏洞
NovaCHRON Zeitsysteme Smart Time Plus is a time management only program from NovaCHRON Zeitsysteme. A security vulnerability exists in NovaCHRON Zeitsysteme Smart Time Plus versions prior to v8.x through v8.6, which stems from an improper access control vulnerability in the...
CVE-2024-53542
The CVE-2024-53542 entry concerns NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus (v8.x to v8.6). The issue is an incorrect access control in the /iclock/Settings?restartNCS=1 endpoint that allows an attacker to arbitrarily restart the NCServiceManger via a crafted GET request. Public sources...
PT-2025-7797 · Novachron Zeitsysteme Gmbh & Co. Kg · Smart Time Plus
Name of the Vulnerable Software and Affected Versions: NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus versions 8.x through 8.6 Description: The issue concerns incorrect access control in the component /iclock/Settings?restartNCS=1, allowing attackers to arbitrarily restart the NCServiceMange...
NovaCHRON Zeitsysteme Smart Time Plus 安全漏洞
NovaCHRON Zeitsysteme Smart Time Plus is a time management only program from NovaCHRON Zeitsysteme. A security vulnerability exists in NovaCHRON Zeitsysteme Smart Time Plus versions prior to v8.x through v8.6, which stems from a SQL injection vulnerability in the addProject method...
CVE-2024-53544
NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the getCookieNames method in the smarttimeplus/MySQLConnection endpoint...
CVE-2024-53543
NovaCHRON Zeitsysteme GmbH & Co. KG Smart Time Plus v8.x to v8.6 was discovered to contain a SQL injection vulnerability via the addProject method in the smarttimeplus/MySQLConnection endpoint...
CVE-2024-53543
CVE-2024-53543 affects NovaCHRON Zeitsysteme Smart Time Plus (v8.x to v8.6). The vulnerability is a SQL injection via the addProject method in the smarttimeplus/MySQLConnection endpoint. Connected sources confirm the affected versions and the vulnerable component but do not provide exploit detail...
CVE-2024-53544
NovaCHRON Zeitsysteme Smart Time Plus (v8.x–v8.6) is affected by a SQL injection in getCookieNames under smarttimeplus/MySQLConnection. Root cause: improper handling of user-controlled input leading to injectable queries. Impact is HIGH on confidentiality, integrity, and availability per CVSS 3.1...