Known Vulnerabilities for products from Icz
Listed below are 9 of the newest known vulnerabilities associated with the vendor "Icz".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-33273 json | Unrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is ex... | Not Provided | 2026-04-08 | 2026-04-17 |
| CVE-2026-27787 json | Cross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary s... | Not Provided | 2026-04-08 | 2026-04-17 |
| CVE-2026-24913 json | SQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information store... | Not Provided | 2026-04-08 | 2026-04-17 |
| CVE-2015-5645 json | ICZ MATCHA SNS before 1.3.7 allows remote authenticated users to obtain administrative privileges via unspecified vectors. | 6.5 - MEDIUM | 2015-10-06 | 2015-10-07 |
| CVE-2015-5644 json | The installer in ICZ MATCHA SNS before 1.3.7 does not properly configure the database, which allows remote attackers to execu... | 6.8 - MEDIUM | 2015-10-06 | 2015-10-07 |
| CVE-2015-5643 json | The installer in ICZ MATCHA INVOICE before 2.5.7 does not properly configure the database, which allows remote attackers to e... | 6.8 - MEDIUM | 2015-10-06 | 2015-10-07 |
| CVE-2015-5642 json | Multiple SQL injection vulnerabilities in ICZ MATCHA INVOICE before 2.5.7 allow remote authenticated users to execute arbitra... | 6.5 - MEDIUM | 2015-10-06 | 2015-10-07 |
| CVE-2012-1238 json | Session fixation vulnerability in SENCHA SNS before 1.0.2 allows remote attackers to hijack web sessions via unspecified vect... | 4.3 - MEDIUM | 2012-04-06 | 2012-11-20 |
| CVE-2012-1237 json | Cross-site request forgery (CSRF) vulnerability in SENCHA SNS before 1.0.2 allows remote attackers to hijack the authenticati... | 6.8 - MEDIUM | 2012-04-06 | 2012-11-20 |
Known software with vulnerabilities from Icz
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Icz | Sencha Sns | 1.0.0 |