All intelligence
// vulnerability record
cached · NVD via COSMOS syncCVE-2026-51946
MEDIUMpublished 2026-07-01 18:16 UTC · 3 days ago · modified 2026-07-02 18:43 UTC
6.5
CVSS / 10
// description
SQL Injection vulnerability in GoAdminGroup GoAdmin (last release v1.2.26) allows a remote attacker to execute arbitrary code and obtain sensitive information via the the __sort_type URL parameter on all /admin/info/{table} endpoints
// weaknesses (CWE)
- CWE-89