CVE-2015-5643 Information

Description

The installer in ICZ MATCHA INVOICE before 2.5.7 does not properly configure the database which allows remote attackers to execute arbitrary PHP code via unspecified vectors.

Reference

http://jvn.jp/en/jp/JVN66984217/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000144 http://oss.icz.co.jp/news/?p=1073