Share
## https://sploitus.com/exploit?id=B7013444-89E3-546C-B5A2-FD21D75D3481
# Affected Software: PostgreSQL 15.x before 15.7, 16.x before 16.3.

# Vulnerability Type: Command injection in the pg_backup extension.

# Description: The pg_backup extension fails to properly sanitize user‑supplied parameters, allowing a backup operator to inject arbitrary commands that are executed as the PostgreSQL user.