CVE-2025-5010 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

May 21, 2025

CVE ID : CVE-2025-5010

Published : May 21, 2025, 12:15 a.m. | 4 hours, 23 minutes ago

Description : A vulnerability classified as problematic has been found in moonlightL hexo-boot 4.3.0. This affects an unknown part of the file /admin/home/index.html of the component Blog Backend. The manipulation of the argument Description leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 2.4 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleUse Multi-Cursor in VS Code to Edit Multiple Lines Simultaneously

Next Article CVE-2025-5011 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

Highlights

CVE-2025-4714 – Campcodes Sales and Inventory System SQL Injection Vulnerability

May 15, 2025

CVE ID : CVE-2025-4714

Published : May 15, 2025, 7:15 p.m. | 45 minutes ago

Description : A vulnerability was found in Campcodes Sales and Inventory System 1.0. It has been classified as critical. Affected is an unknown function of the file /pages/reprint.php. The manipulation of the argument sid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Severity: 7.3 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

The best smart glasses unveiled at I/O 2025 weren’t made by Google

Google’s upcoming AI smart glasses may finally convince me to switch to a pair full-time

I tried Samsung’s Project Moohan XR headset at I/O 2025 – and couldn’t help but smile

Is Google’s $250-per-month AI subscription plan worth it? Here’s what’s included

IOT and API Integration With MuleSoft: The Road to Seamless Connectivity

IOT and API Integration With MuleSoft: The Road to Seamless Connectivity

Celebrating GAAD by Committing to Universal Design: Low Physical Effort

Celebrating GAAD by Committing to Universal Design: Flexibility in Use

Microsoft open-sources Windows Subsystem for Linux at Build 2025

Microsoft open-sources Windows Subsystem for Linux at Build 2025

Microsoft Brings Grok 3 AI to Azure with Guardrails and Enterprise Controls

You won’t have to pay a fee to publish apps to Microsoft Store

CVE-2025-5010 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2025-48205 – TYPO3 sr_feuser_register Insecure Direct Object Reference

[Easy] How to Install Brave Browser on Kali Linux

Solo Development: Learning To Let Go Of Perfection

astroterm – terminal-based star map

How to Update Node.js Versions on Windows

CVE-2025-4714 – Campcodes Sales and Inventory System SQL Injection Vulnerability

$2.5 million reward offered for hacker linked to notorious Angler Exploit Kit

AI in health should be regulated, but don’t forget about the algorithms, researchers say

Distribution Release: Murena 2.9

CVE-2025-5010 – MoonlightL Hexo-Boot Cross-Site Scripting Vulnerability

Related Posts