Wellchoose Organization Portal System — known CVE vulnerabilities
Every CVE whose affected-product data names Wellchoose Organization Portal System, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (9)
CVE-2026-3826 — CVSS 9.8 (critical): IFTOP developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code…
CVE-2025-8913 — CVSS 9.8 (critical): Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to…
CVE-2025-8912 — CVSS 7.5 (high): Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers…
CVE-2025-8909 — CVSS 6.5 (medium): Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular…
CVE-2025-8914 — CVSS 6.5 (medium): Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject…
CVE-2025-8911 — CVSS 6.1 (medium): Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote…
CVE-2026-3824 — CVSS 6.1 (medium): IFTOP developed by WellChoose has an Open redirect vulnerability, allowing authenticated remote attackers to craft a URL that tricks users…
CVE-2026-3825 — CVSS 6.1 (medium): IFTOP developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing authenticated remote attackers to execute…
CVE-2025-8910 — CVSS 6.1 (medium): Organization Portal System developed by WellChoose has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote…