CVE-2025-8706 | Wanzhou WOES Intelligent Optimization Energy Saving System Energy Overview Module CreateFunctionLog sql injection

Inserito da Angelo Barbosa | Ago 7, 2025 | CVE

A vulnerability has been found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /CommonSolution/CreateFunctionLog of the component Energy Overview Module. The manipulation of the argument MM_MenID leads to sql injection.

This vulnerability is known as CVE-2025-8706. The attack can be launched remotely. Furthermore, there is an exploit available.

CVE-2025-8706 | Wanzhou WOES Intelligent Optimization Energy Saving System Energy Overview Module CreateFunctionLog sql injection

Post correlati

CVE-2024-0873 | Watu Quiz Plugin up to 3.4.1 on WordPress cross site scripting

CVE-2024-41684 | SyroTech SY-GPON-1110-WDONT 3.1.02-231102 Web Management Interface missing secure attribute (CIVN-2024-0225)

CVE-2024-10045 | Transients Manager Plugin up to 2.0.6 on WordPress cross-site request forgery

CVE-2023-6295 | SiteOrigin Widgets Bundle Plugin up to 1.50.x on WordPress file inclusion