20 matches found
EUVD-2026-20052
Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product...
CVE-2026-27787
Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product...
CVE-2026-27787
Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product...
CVE-2026-27787
Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product...
ICZ MATCHA SNS 跨站脚本漏洞
ICZ MATCHA SNS is a notification and message distribution system developed by the Japanese company ICZ. Versions of ICZ MATCHA SNS 1.3.9 and earlier contained a cross-site scripting vulnerability. This vulnerability was due to a susceptibility to cross-site scripting attacks, which could allow...
PT-2026-31084
Name of the Vulnerable Software and Affected Versions MATCHA SNS versions prior to 1.4.0 Description A cross-site scripting issue exists. Successful exploitation could allow an attacker to execute arbitrary scripts in a user's web browser when they access the website. Recommendations Update to...
EUVD-2015-5596
Malware in sbrugna...
EUVD-2015-5595
Malware in sbrugna...
ICZ MATCHA SNS Privilege Access Control Vulnerability
ICZ MATCHA SNS is a set of SNS software from ICZ Japan. A security vulnerability exists in ICZ MATCHA SNS 1.3.6 and earlier versions. A remote attacker can exploit this vulnerability to gain administrator privileges...
CVE-2015-5645
ICZ MATCHA SNS before 1.3.7 allows remote authenticated users to obtain administrative privileges via unspecified vectors...
CVE-2015-5644
The installer in ICZ MATCHA SNS before 1.3.7 does not properly configure the database, which allows remote attackers to execute arbitrary PHP code via unspecified vectors...
Code injection
The installer in ICZ MATCHA SNS before 1.3.7 does not properly configure the database, which allows remote attackers to execute arbitrary PHP code via unspecified vectors...
Code injection
ICZ MATCHA SNS before 1.3.7 allows remote authenticated users to obtain administrative privileges via unspecified vectors...
CVE-2015-5645
ICZ MATCHA SNS before 1.3.7 allows remote authenticated users to obtain administrative privileges via unspecified vectors...
CVE-2015-5645
ICZ MATCHA SNS (MATCHA SNS) before 1.3.7 is vulnerable: remote authenticated users can obtain administrative privileges via unspecified vectors. Affected product: MATCHA SNS from ICZ Corporation, versions 1.3.6 and earlier. Root cause details are not specified in the provided documents; exploitat...
CVE-2015-5644
CVE-2015-5644 affects ICZ MATCHA SNS prior to 1.3.7. The installer fails to correctly configure the database, enabling a code injection path that allows a remote attacker to execute arbitrary PHP code. The vulnerability is tied to installer-time database configuration (CWE-94) and culminates in c...
CVE-2015-5644
The installer in ICZ MATCHA SNS before 1.3.7 does not properly configure the database, which allows remote attackers to execute arbitrary PHP code via unspecified vectors...
MATCHA SNS vulnerable to code injection
Overview MATCHA SNS provided by ICZ Corporation is an SNS software. MATCHA SNS contains a code injection CWE-94 vulnerability due to a flaw when configuring the database during installation. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...
JVN#85118545: MATCHA SNS access restriction bypass vulnerability
MATCHA SNS provided by ICZ Corporation is an SNS software. MATCHA SNS contains an access restriction bypass vulnerability. Impact A user without administrative privileges may obtain administrative privileges. Solution Update the Software Update to the latest version according to the information...
JVN#08535069: MATCHA SNS vulnerable to code injection
MATCHA SNS provided by ICZ Corporation is an SNS software. MATCHA SNS contains a code injection CWE-94 vulnerability due to a flaw when configuring the database during installation. Impact An unauthenticated attacker who can execute the installer may execute arbitrary PHP code on the server where...