CVE-2015-5644 Information

Description

The installer in ICZ MATCHA SNS before 1.3.7 does not properly configure the database which allows remote attackers to execute arbitrary PHP code via unspecified vectors.

Reference

http://jvn.jp/en/jp/JVN08535069/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000145 http://oss.icz.co.jp/news/?p=1075