CVE-2021-41765
Affected software : ResourceSpace 9.5–9.6 (rev 18274). Vulnerability : SQL injection in pages/edit_fields/9_ajax/add_keyword.php allows remote unauthenticated attackers to run arbitrary SQL commands via the k parameter. This can reveal the full contents of the ResourceSpace database and, if an ad...