CVE STALKER

CVE-2021-41765

CVSS7
DESCRIPTIONA SQL injection issue in pages/edit_fields/9_ajax/add_keyword.php of ResourceSpace 9.5 and 9.6 < rev 18274 allows remote unauthenticated attackers to execute arbitrary SQL commands via the k parameter. This allows attackers to uncover the full contents of the ResourceSpace database, including user session cookies. An attacker who gets an admin user session cookie can use the session cookie to execute arbitrary code on the server.
HEAT SCORE159

WORDS

TWEETS

DATE TWEETS USER
2021-11-25 11:51:55ResourceSpace unauthorized SQL injection #CVE-2021-41765 ResourceSpace <= 9.5 sqlmap --cookie 'upload_share_acti… https://t.co/5RALbpTXVT https://twitter.com/i/web/status/1463835712415944707simrotion13
2021-11-25 08:41:36Множественные уязвимости в ResourceSpace (CVE-2021-41765) Уязвимость в ResourceSpace <=9.5 позволяет удаленным неау… https://t.co/ORKnKbC99y https://twitter.com/i/web/status/1463788457180995584gebutcher
2021-11-25 02:30:18CVE-2021-41765 ResourceSpace unauthorized SQL injection ResourceSpace <= 9.5 sqlmap --cookie 'upload_share_active… https://t.co/XwebM4khf9 https://twitter.com/i/web/status/14636939724807045200x0021h
2021-11-17 23:11:10New post from https://t.co/uXvPWJy6tj (CVE-2021-41765 (resourcespace)) has been published on https://t.co/KAtXPeM3fV http://www.sesin.at https://www.sesin.at/2021/11/18/cve-2021-41765-resourcespace/WolfgangSesin
2021-11-17 23:10:48New post from https://t.co/9KYxtdZjkl (CVE-2021-41765 (resourcespace)) has been published on https://t.co/PVyATkFWml http://www.sesin.at https://www.sesin.at/2021/11/18/cve-2021-41765-resourcespace/www_sesin_at
2021-11-17 17:50:45🚨 NEW: CVE-2021-41765 🚨 A SQL injection issue in pages/edit_fields/9_ajax/add_keyword.php of ResourceSpace 9.5 and… https://t.co/TRO1hM677a https://twitter.com/i/web/status/1461028749617643523threatintelctr
2021-11-17 15:42:57I declare CVE-2021-41765 to be named Refractive Lathe https://t.co/YUyg5nDN4z https://nvd.nist.gov/vuln/detail/CVE-2021-41765vulnonym
2021-11-15 16:50:40CVE-2021-41765 A SQL injection issue in pages/edit_fields/9_ajax/add_keyword.php of ResourceSpace 9.5 and 9.6 < rev… https://t.co/87sgUKopPW https://twitter.com/i/web/status/1460287806635454469CVEnew
2021-11-15 16:10:13CVE-2021-41765 : A SQL injection issue in pages/edit_fields/9_ajax/add_keyword.php of ResourceSpace 9.5 and 9.6 < r… https://t.co/nrLhzZ8O8c https://twitter.com/i/web/status/1460278517950820354CVEreport
2021-11-12 03:40:56CVE-2021-41765: Unauthenticated SQLi to RCE Chain ResourceSpace is an older-generation PHP application in which ma… https://t.co/KxY2gSLWJm https://twitter.com/i/web/status/1459002222424080392sUbCo0l
2021-11-12 00:30:17Multiple Vulnerabilities in ResourceSpace including CVE-2021-41765, unauthenticated SQL injection to gain remote co… https://t.co/WEpdhgahAG https://twitter.com/i/web/status/1458954855922343937jhl128
2021-11-11 15:50:11CVE-2021-41765: Unauthenticated SQLi to RCE Chain in ResourceSpace https://t.co/hywx5gkDbs https://www.reddit.com/r/netsec/comments/qqz9nc/cve202141765_unauthenticated_sqli_to_rce_chain_in/Dinosn
2021-11-11 14:10:03CVE-2021-41765: Unauthenticated SQLi to RCE Chain in ResourceSpace https://t.co/tRRHoEHt5a #CVE #SQLi https://www.horizon3.ai/multiple-vulnerabilities-in-resourcespace/axcheron
2021-11-11 12:20:23CVE-2021-41765 ResourceSpace unauthenticated SQLi vulnerability. https://t.co/cqtWUpXGQm Customizable Vulnerabil… https://t.co/dKqJUb1RFn http://vulmon.com/vulnerabilitydetails?qid=CVE-2021-41765 https://twitter.com/i/web/status/1458769169776791561VulmonFeeds
2021-11-11 06:00:12CVE-2021-41765: Unauthenticated SQLi to RCE Chain https://t.co/jz0lkoafBO #bugbounty #security https://bug.cyberkendra.com/2021/11/11/cve-2021-41765-unauthenticated-sqli-to-rce-chain/cyberkendra
2021-11-11 00:42:21@Horizon3ai attack engineering team disclosed CVE-2021-41765, a pre-auth SQL injection that an attacker can abuse t… https://t.co/7NcQvYaFkK https://twitter.com/i/web/status/1458593549465702401snehalantani
2021-11-10 18:51:06New post: "CVE-2021-41765: Unauthenticated SQLi to RCE Chain in ResourceSpace" https://t.co/F1O91da3n5 https://ift.tt/31OUzO6Myinfosecfeed
2021-11-10 18:00:05CVE-2021-41765: Unauthenticated SQLi to RCE Chain in ResourceSpace via /r/netsec https://t.co/wgNV5KY5pb #cybersecurity #netsec #news https://ift.tt/2YzYQDRCybrXx0
2021-11-10 17:30:13CVE-2021-41765: Unauthenticated SQLi to RCE Chain in ResourceSpace https://t.co/Mg779gBcsG https://www.horizon3.ai/multiple-vulnerabilities-in-resourcespace/_r_netsec