SQL Injection issues in various ASPX pages of ResourceXpress Meeting Monitor 4.9 could lead to remote code execution and information disclosure.
https://www.resourcexpress.com/news/
https://resourcexpress.atlassian.net/wiki/spaces/RSG/pages/807698439/v1.8+HF+1+2+3+OnPrem+v5.3