2 matches found
CVE-2015-5644
CVE-2015-5644 affects ICZ MATCHA SNS prior to 1.3.7. The installer fails to correctly configure the database, enabling a code injection path that allows a remote attacker to execute arbitrary PHP code. The vulnerability is tied to installer-time database configuration (CWE-94) and culminates in c...
CVE-2015-5644
The installer in ICZ MATCHA SNS before 1.3.7 does not properly configure the database, which allows remote attackers to execute arbitrary PHP code via unspecified vectors...