CVE-2025-8914
- EPSS 0.06%
- Veröffentlicht 13.08.2025 09:18:55
- Zuletzt bearbeitet 21.08.2025 00:28:42
Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
CVE-2025-8913
- EPSS 0.36%
- Veröffentlicht 13.08.2025 09:16:02
- Zuletzt bearbeitet 21.08.2025 00:30:01
Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server.
CVE-2025-8912
- EPSS 0.1%
- Veröffentlicht 13.08.2025 09:13:03
- Zuletzt bearbeitet 21.08.2025 00:30:38
Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2025-8911
- EPSS 0.07%
- Veröffentlicht 13.08.2025 09:09:30
- Zuletzt bearbeitet 21.08.2025 00:32:21
Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
CVE-2025-8910
- EPSS 0.07%
- Veröffentlicht 13.08.2025 09:06:36
- Zuletzt bearbeitet 21.08.2025 00:33:30
Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
CVE-2025-8909
- EPSS 0.09%
- Veröffentlicht 13.08.2025 09:03:13
- Zuletzt bearbeitet 21.08.2025 00:34:08
Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.