Filtered by vendor Wellchoose
Subscriptions
Filtered by product Organization Portal System
Subscriptions
Total
6 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-8909 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | 6.5 Medium |
| Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files. | ||||
| CVE-2025-8910 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | 6.1 Medium |
| Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks. | ||||
| CVE-2025-8911 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | 6.1 Medium |
| Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks. | ||||
| CVE-2025-8912 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | 7.5 High |
| Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files. | ||||
| CVE-2025-8913 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | 9.8 Critical |
| Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server. | ||||
| CVE-2025-8914 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | 6.5 Medium |
| Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents. | ||||
Page 1 of 1.