CVE Daily

CVE-2025-8913

Organization Portal System developed by WellChoose has a Local File Inclusion vu...

Critical CVSS 9.8

Overview

Organization Portal System developed by WellChoose has a Local File Inclusion vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server.

CWE: CWE-98 Published: 2025-08-13T10:15:27.213
Risk analysis

This vulnerability is rated 🔴 CRITICAL.

  • CVSS: 9.8 (CRITICAL)
  • Detected tags: lfi, rce (tag impact: VERY HIGH)

Recommended actions:

  • Normalize paths, use allowlists; block user-controlled file paths.
  • Patch/upgrade immediately (remote code execution).
  • Reduce exposure (WAF/segmentation), minimize attack surface.

Recommended tools

Tags