Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.

Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells.

Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.