CVE-2025-8705 | Wanzhou WOES Intelligent Optimization Energy Saving System Energy Overview Module GetTargetConfig sql injection

Inserito da Angelo Barbosa | Ago 7, 2025 | CVE

A vulnerability, which was classified as critical, was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. Affected is an unknown function of the file /WEAS_HomePage/GetTargetConfig of the component Energy Overview Module. The manipulation of the argument BP_ProID leads to sql injection.

This vulnerability is traded as CVE-2025-8705. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2025-8705 | Wanzhou WOES Intelligent Optimization Energy Saving System Energy Overview Module GetTargetConfig sql injection

Post correlati

CVE-2020-3548 | Cisco Secure Email TLS algorithmic complexity (cisco-sa-esa-tls-dos-xW53TBhb)

CVE-2024-32998 | Huawei HarmonyOS/EMUI Clock Module uninitialized pointer

CVE-2024-13798 | pickplugins Post Grid and Gutenberg Blocks Plugin up to 2.3.5 on WordPress improper authorization

CVE-2023-50905 | Melapress WP Activity Log Plugin up to 4.6.1 on WordPress cross site scripting