CVE-2015-5643

2015-10-0310:00:00

jpcert

www.cve.org

AI Score

7.7

Confidence

Low

EPSS

0.006

Percentile

79.0%

JSON

The installer in ICZ MATCHA INVOICE before 2.5.7 does not properly configure the database, which allows remote attackers to execute arbitrary PHP code via unspecified vectors.

References

jvn.jp/en/jp/JVN66984217/index.html

jvndb.jvn.jp/jvndb/JVNDB-2015-000144

oss.icz.co.jp/news/?p=1073