This vulnerability involves improper neutralization of special elements in SQL commands within the posts-table-filterable feature of RealMag777 TableOn, enabling Blind SQL Injection attacks. The affected versions include all releases up to and including 1.0.5.1. The CVSS 3.1 base score is 9.3, reflecting network attack vector, low attack complexity, no privileges or user interaction required, and a scope change with high confidentiality impact and low availability impact. No official remediation or patch information is available, and the product is not a cloud service.

Successful exploitation could allow an unauthenticated attacker to extract sensitive information from the database (high confidentiality impact) and cause limited disruption to availability. Integrity impact is not indicated. The vulnerability affects all users of the vulnerable versions of TableOn, potentially exposing sensitive data stored in the posts-table-filterable component.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is available, users should consider restricting access to the vulnerable component or applying web application firewall rules to detect and block SQL injection attempts targeting TableOn. Monitor vendor channels for updates regarding patches or official mitigations.