← Back

Organization Portal System

organization_portal_system

Vendor: Wellchoose • 9 CVEs

CVEs (9)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2026-3826
1Wellchoose
1Organization Portal System
Mar 17, 2026
Mar 11, 2026
9.3 CRITICAL· v4
9.8 CRITICAL· v3
N/A· v2
IFTOP developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server.
CVE-2026-3825
1Wellchoose
1Organization Portal System
Mar 17, 2026
Mar 11, 2026
5.1 MEDIUM· v4
6.1 MEDIUM· v3
N/A· v2
IFTOP developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing authenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
CVE-2026-3824
1Wellchoose
1Organization Portal System
Mar 17, 2026
Mar 11, 2026
5.1 MEDIUM· v4
6.1 MEDIUM· v3
N/A· v2
IFTOP developed by WellChoose has an Open redirect vulnerability, allowing authenticated remote attackers to craft a URL that tricks users into visiting malicious website.
CVE-2025-8914
1Wellchoose
1Organization Portal System
Aug 21, 2025
Aug 13, 2025
7.1 HIGH· v4
7.5 HIGH· v3
N/A· v2
Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
CVE-2025-8913
1Wellchoose
1Organization Portal System
Aug 21, 2025
Aug 13, 2025
9.3 CRITICAL· v4
9.8 CRITICAL· v3
N/A· v2
Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server.
CVE-2025-8912
1Wellchoose
1Organization Portal System
Aug 21, 2025
Aug 13, 2025
8.7 HIGH· v4
7.5 HIGH· v3
N/A· v2
Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.
CVE-2025-8911
1Wellchoose
1Organization Portal System
Aug 21, 2025
Aug 13, 2025
5.3 MEDIUM· v4
6.1 MEDIUM· v3
N/A· v2
Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing at...Show more
Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.Show less
CVE-2025-8910
1Wellchoose
1Organization Portal System
Aug 21, 2025
Aug 13, 2025
5.3 MEDIUM· v4
6.1 MEDIUM· v3
N/A· v2
Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing at...Show more
Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.Show less
CVE-2025-8909
1Wellchoose
1Organization Portal System
Aug 21, 2025
Aug 13, 2025
7.1 HIGH· v4
6.5 MEDIUM· v3
N/A· v2
Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.