CVE-2018-15868
SQL injection vulnerability in ChronoScan version 1.5.4.3 and earlier allows an unauthenticated attacker to execute arbitrary SQL commands via the wcr_machineid cookie.
Date published : 2019-06-21
https://redsec.io/chronoscan-enterprise-unauthenticated-sql-injection