CVE-2015-5644

2015-10-0310:00:00

jpcert

www.cve.org

AI Score

7.7

Confidence

Low

EPSS

0.006

Percentile

79.0%

JSON

The installer in ICZ MATCHA SNS before 1.3.7 does not properly configure the database, which allows remote attackers to execute arbitrary PHP code via unspecified vectors.

References

jvn.jp/en/jp/JVN08535069/index.html

jvndb.jvn.jp/jvndb/JVNDB-2015-000145

oss.icz.co.jp/news/?p=1075