32 matches found
CVE-2026-33273
Unrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, an arbitrary file may be created by an administrator of the product. As a result, arbitrary code may be executed on the server...
CVE-2026-24913
SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information stored in the database may be obtained or altered by a user who can log in to the product...
EUVD-2026-20054
Unrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, an arbitrary file may be created by an administrator of the product. As a result, arbitrary code may be executed on the server...
EUVD-2026-20051
SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information stored in the database may be obtained or altered by a user who can log in to the product...
CVE-2026-33273
Unrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, an arbitrary file may be created by an administrator of the product. As a result, arbitrary code may be executed on the server...
CVE-2026-24913
SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information stored in the database may be obtained or altered by a user who can log in to the product...
CVE-2026-33273
CVE-2026-33273 affects MATCHA INVOICE, versions 2.6.6 and earlier. The issue is an unrestricted upload vulnerability (CWE-434) that could allow an administrator to create arbitrary files on the server, potentially enabling arbitrary code execution. Public reports in JVN, NVD, CVE records, and thi...
CVE-2026-33273
Unrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, an arbitrary file may be created by an administrator of the product. As a result, arbitrary code may be executed on the server...
CVE-2026-33273
Unrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, an arbitrary file may be created by an administrator of the product. As a result, arbitrary code may be executed on the server...
CVE-2026-24913
SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information stored in the database may be obtained or altered by a user who can log in to the product...
CVE-2026-24913
MATCHA INVOICE versions 2.6.6 and earlier are affected by an SQL Injection vulnerability. The flaw allows an authenticated user to obtain or alter data stored in the database through exploitation of unsafely handled input in the application. The description does not specify exact vulnerable compo...
CVE-2026-24913
SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information stored in the database may be obtained or altered by a user who can log in to the product...
PT-2026-31085
Name of the Vulnerable Software and Affected Versions MATCHA INVOICE versions 2.6.6 and earlier Description An issue exists in MATCHA INVOICE that allows for unrestricted file uploads of dangerous types. Successful exploitation by a product administrator could lead to the creation of arbitrary...
ICZ MATCHA INVOICE 代码问题漏洞
ICZ MATCHA INVOICE is an invoice management system developed by the Japanese company ICZ. Versions of ICZ MATCHA INVOICE 2.6.6 and earlier contained code vulnerabilities. These vulnerabilities stemmed from unlimited upload of dangerous types of files, which could allow administrators to create...
PT-2026-31083
Name of the Vulnerable Software and Affected Versions MATCHA INVOICE versions 2.6.6 and earlier Description A SQL Injection vulnerability exists that may allow a logged-in user to obtain or alter information stored in the database. Recommendations Update to a newer version to address this...
ICZ MATCHA INVOICE SQL注入漏洞
ICZ MATCHA INVOICE is an invoice management system developed by the Japanese company ICZ. Versions of ICZ MATCHA INVOICE 2.6.6 and earlier contained a SQL injection vulnerability. This vulnerability made the system susceptible to SQL injection attacks, potentially leading to the extraction or...
EUVD-2015-5593
Malware in sbrugna...
EUVD-2015-5594
Malware in sbrugna...
ICZ MATCHA INVOICE SQL Injection Vulnerability
ICZ MATCHA INVOICE is a Web-based billing management software from ICZ Japan. A SQL injection vulnerability exists in ICZ MATCHA INVOICE 2.5.6 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...
ICZ MATCHA INVOICE Code Injection Vulnerability
ICZ MATCHA INVOICE is a Web-based billing management software from ICZ Japan. A security vulnerability exists in the installer of ICZ MATCHA INVOICE 2.5.6 and earlier versions, which can be exploited by remote attackers to execute arbitrary PHP code...