Organization Portal System
by Wellchoose
CVEs (6)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-8914 | 0.00 | — | 0.00 | Aug 13, 2025 | Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents. | |||
| CVE-2025-8913 | 0.00 | — | 0.01 | Aug 13, 2025 | Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server. | |||
| CVE-2025-8912 | 0.00 | — | 0.00 | Aug 13, 2025 | Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files. | |||
| CVE-2025-8911 | 0.00 | — | 0.00 | Aug 13, 2025 | Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks. | |||
| CVE-2025-8910 | 0.00 | — | 0.00 | Aug 13, 2025 | Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks. | |||
| CVE-2025-8909 | 0.00 | — | 0.00 | Aug 13, 2025 | Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files. |
- CVE-2025-8914Aug 13, 2025risk 0.00cvss —epss 0.00
Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
- CVE-2025-8913Aug 13, 2025risk 0.00cvss —epss 0.01
Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server.
- CVE-2025-8912Aug 13, 2025risk 0.00cvss —epss 0.00
Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.
- CVE-2025-8911Aug 13, 2025risk 0.00cvss —epss 0.00
Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
- CVE-2025-8910Aug 13, 2025risk 0.00cvss —epss 0.00
Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
- CVE-2025-8909Aug 13, 2025risk 0.00cvss —epss 0.00
Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.