PT-2025-33264 · Moonshine · Moonshine
Giacolenzo2109
+1
·
Published
2025-08-14
·
Updated
2025-08-19
·
CVE-2025-51510
CVSS v3.1
4.9
Medium
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions:
MoonShine version 3.12.5
Description:
MoonShine version 3.12.5 contains a SQL injection issue within the Blog module, specifically through the
Data parameter.Recommendations:
As a temporary workaround, consider restricting access to the Blog module until a patch is available.
Sanitize the
Data parameter before processing it to prevent SQL injection attacks.Exploit
Fix
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Moonshine