Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-8909 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | N/A | 6.5 MEDIUM |
| Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files. | |||||
| CVE-2025-8910 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | N/A | 6.1 MEDIUM |
| Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks. | |||||
| CVE-2025-8911 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | N/A | 6.1 MEDIUM |
| Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks. | |||||
| CVE-2025-8912 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | N/A | 7.5 HIGH |
| Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files. | |||||
| CVE-2025-8913 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | N/A | 9.8 CRITICAL |
| Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server. | |||||
| CVE-2025-8914 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | N/A | 6.5 MEDIUM |
| Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents. | |||||