ResourceSpace
cpe:2.3:a:montala:resourcespace:*:*:*:*:*:*:*
- <= 8.6
An SQL injection vulnerability has been identified in ResourceSpace version 8.6. This vulnerability allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious payloads through the 'ref' parameter. The injection occurs via GET requests sent to the watched_searches.php endpoint. Exploiting this vulnerability could lead to the extraction of sensitive database information, including usernames and credentials.
Successful exploitation of this vulnerability allows for arbitrary SQL execution, which could be used to manipulate the database or extract sensitive information such as user credentials.
The vulnerability can be reproduced by sending a GET request to the watched_searches.php endpoint with a crafted SQL payload in the 'ref' parameter. This can be done manually or using a tool like sqlmap, which can automate the exploitation process by injecting SQL payloads and extracting database information.
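A defender-side check for the request pattern described above, as an added example that is not part of the original advisory or of ResourceSpace: it scans web access logs for GET requests to watched_searches.php whose 'ref' value is not a plain integer. It assumes combined-format access logs and that legitimate 'ref' values are numeric IDs; the sample log lines and paths are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"'
)
ENDPOINT = "watched_searches.php"    # endpoint named in the advisory
PARAM = "ref"                        # injectable parameter named in the advisory
NUMERIC = re.compile(r"\d{1,10}")    # assumption: legitimate ref values are integer IDs


def suspicious_ref_requests(lines):
    """Return (client_ip, decoded_ref) for GETs to the endpoint with a non-integer ref."""
    hits = []
    for line in lines:
        m = REQUEST_RE.match(line)
        if not m or m.group("method") != "GET":
            continue
        url = urlsplit(m.group("target"))
        if not url.path.lower().endswith("/" + ENDPOINT):
            continue
        # parse_qs percent-decodes values, so encoded input is compared in clear form.
        params = parse_qs(url.query, keep_blank_values=True)
        for value in params.get(PARAM, []):
            # fullmatch (not match with "$") so a decoded trailing newline is not accepted.
            if not NUMERIC.fullmatch(value):
                hits.append((m.group("ip"), value))
    return hits


# Constructed sample log lines (documentation IP ranges, hypothetical paths).
SAMPLE_LOG = [
    '198.51.100.7 - - [01/Jan/2024:10:00:00 +0000] "GET /pages/watched_searches.php?ref=12 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [01/Jan/2024:10:00:05 +0000] "GET /pages/watched_searches.php?ref=12%27 HTTP/1.1" 200 512 "-" "-"',
    '203.0.113.9 - - [01/Jan/2024:10:00:06 +0000] "GET /pages/search.php?ref=abc HTTP/1.1" 200 128 "-" "-"',
    '198.51.100.7 - - [01/Jan/2024:10:00:09 +0000] "POST /pages/watched_searches.php?ref=x HTTP/1.1" 200 64 "-" "-"',
]

if __name__ == "__main__":
    for ip, value in suspicious_ref_requests(SAMPLE_LOG):
        print(f"{ip} sent non-numeric ref: {value!r}")
```

Because the endpoint is reachable without authentication, any hit from this check is worth correlating with database error logs and response sizes for the same client.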