h5kj23kj32io2kj
3 exploits
Active since Dec 2025
xbtitFM 4.1.18 - Authenticated Arbitrary PHP File Upload via File Hosting Feature
CVSS 7.2
xbtitFM 4.1.18 - Unauthenticated Path Traversal via URL Parameter Manipulation
CVSS 7.5
xbtitFM 4.1.18 - Unauthenticated SQL Injection via msgid Parameter
CVSS 9.8