CVE-2024-58309 | xbtitFM 4.1.18 /shoutedit.php EXTRACTVALUE msgid sql injection (Exploit 51909 / EUVD-2024-55346)
A vulnerability described as critical has been identified in xbtitFM 4.1.18. This affects the function EXTRACTVALUE of the file /shoutedit.php. Such manipulation of the argument msgid leads to sql injection.
This vulnerability is uniquely identified as CVE-2024-58309. The attack can be launched remotely. Moreover, an exploit is present.