CVE-2025-8914 HIGH

CVE-2025-8914: WellChoose｜Organization Portal System - SQL Injection

Vendor Wellchoose

Product Organization Portal System

Weakness CWE-89 · SQLi

Published August 13, 2025

Last update August 13, 2025

View on NVD All CVEs

CVSS base score

7.1/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Organization Portal System developed by WellChoose has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read database contents.

Key dates

02Disclosure timeline

August 13, 2025 CVE published

August 13, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-8914 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/89.html

Related vulnerabilities

Identifiers

CVE CVE-2025-8914

CWE CWE-89

CVSS 7.1 / HIGH

Affected versions