Wanzhou WOES Intelligent Optimization Energy Saving System GetPageList sql injection

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P

Description

A vulnerability was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /OL_OprationLog/GetPageList. The manipulation of the argument optUser leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Basic Information

ID CVE-2025-8701

Source VulDB

Published Aug 7, 2025 at 21:02

Affected Product

Vendor Wanzhou

Product WOES Intelligent Optimization Energy Saving System

Version 1.0

Affected Versions Wanzhou WOES Intelligent Optimization Energy Saving System 1.0

CWE Classification

CWE-89 CWE-74

References

{
    "lastseen": "",
    "description": "A vulnerability was found in Wanzhou WOES Intelligent Optimization Energy Saving System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /OL_OprationLog/GetPageList. The manipulation of the argument optUser leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.",
    "published": "2025-08-07T21:02:06.917Z",
    "modified": "2025-08-07T21:02:06.917Z",
    "type": "cve",
    "title": "Wanzhou WOES Intelligent Optimization Energy Saving System GetPageList sql injection",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.319130\nhttps://vuldb.com/?ctiid.319130\nhttps://vuldb.com/?submit.620639\nhttps://github.com/si12/xxx/issues/1",
    "id": "CVE-2025-8701",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89",
        "CWE-74"
    ],
    "cvelist": null,
    "sourceData": "Wanzhou WOES Intelligent Optimization Energy Saving System 1.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "WOES Intelligent Optimization Energy Saving System",
    "version": "1.0",
    "vendor": "Wanzhou",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Wanzhou WOES Intelligent Optimization Energy Saving System GetPageList sql injection_CVE-2025-8701