Vulnerabilities in ICZ Corporation
3 resultsCVE-2026-24913HIGHSQL Injection vulnerability exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, information stored in the databaEPSS 0.3%CVE-2026-33273MEDIUMUnrestricted upload of file with dangerous type issue exists in MATCHA INVOICE 2.6.6 and earlier. If this vulnerability is exploited, an arbEPSS 0.2%CVE-2026-27787MEDIUMCross-site scripting vulnerability exists in MATCHA SNS 1.3.9 and earlier. If this vulnerability is exploited, an arbitrary script may be exEPSS 0.2%