Shodan
Vulnerabilities
Vulnerable Software
Wellchoose:  Security Vulnerabilities
CVE-2025-8913
Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server.
CVSS Score
9.8
EPSS Score
0.004
Published
2025-08-13
CVE-2025-8914
Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-08-13
CVE-2025-8912
Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.
CVSS Score
7.5
EPSS Score
0.001
Published
2025-08-13
CVE-2025-8911
Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-08-13
CVE-2025-8909
Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-08-13
CVE-2025-8910
Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
CVSS Score
6.1
EPSS Score
0.001
Published
2025-08-13
CVE-2024-10202
Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.
CVSS Score
8.8
EPSS Score
0.032
Published
2024-10-21
CVE-2024-10200
Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.
CVSS Score
7.5
EPSS Score
0.005
Published
2024-10-21
CVE-2024-10201
Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells.
CVSS Score
8.8
EPSS Score
0.011
Published
2024-10-21


Products
Pricing
Contact Us

Shodan ® - All rights reserved