Wellchoose

Organization Portal System

10 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2026-3826

  • EPSS 0.29%
  • Veröffentlicht 11.03.2026 06:38:25
  • Zuletzt bearbeitet 17.03.2026 19:27:21

IFTOP developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server.

6.1

CVE-2026-3825

  • EPSS 0.05%
  • Veröffentlicht 11.03.2026 06:35:25
  • Zuletzt bearbeitet 17.03.2026 19:27:35

IFTOP developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing authenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.

6.1

CVE-2026-3824

  • EPSS 0.04%
  • Veröffentlicht 11.03.2026 06:31:53
  • Zuletzt bearbeitet 17.03.2026 18:48:24

IFTOP developed by WellChoose has an Open redirect vulnerability, allowing authenticated remote attackers to craft a URL that tricks users into visiting malicious website.

8.8

CVE-2026-1427

  • EPSS 0.13%
  • Veröffentlicht 26.01.2026 08:16:00
  • Zuletzt bearbeitet 11.03.2026 22:51:20

Single Sign-On Portal System developed by WellChoose has a OS Command Injection vulnerability, allowing authenticated remote attackers to inject arbitrary OS commands and execute them on the server.

7.5

CVE-2025-8914

  • EPSS 0.06%
  • Veröffentlicht 13.08.2025 09:18:55
  • Zuletzt bearbeitet 21.08.2025 00:28:42

Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.

9.8

CVE-2025-8913

  • EPSS 0.58%
  • Veröffentlicht 13.08.2025 09:16:02
  • Zuletzt bearbeitet 21.08.2025 00:30:01

Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server.

7.5

CVE-2025-8912

  • EPSS 0.11%
  • Veröffentlicht 13.08.2025 09:13:03
  • Zuletzt bearbeitet 21.08.2025 00:30:38

Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.

6.1

CVE-2025-8911

  • EPSS 0.05%
  • Veröffentlicht 13.08.2025 09:09:30
  • Zuletzt bearbeitet 21.08.2025 00:32:21

Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.

6.1

CVE-2025-8910

  • EPSS 0.05%
  • Veröffentlicht 13.08.2025 09:06:36
  • Zuletzt bearbeitet 21.08.2025 00:33:30

Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.

6.5

CVE-2025-8909

  • EPSS 0.07%
  • Veröffentlicht 13.08.2025 09:03:13
  • Zuletzt bearbeitet 21.08.2025 00:34:08

Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.