Loading market data...
← Back to CVE feed

CVE-2026-51946

MEDIUM CVSS 6.5 View on NVD ↗

Description

SQL Injection vulnerability in GoAdminGroup GoAdmin (last release v1.2.26) allows a remote attacker to execute arbitrary code and obtain sensitive information via the the __sort_type URL parameter on all /admin/info/{table} endpoints

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Published: Jul 01, 2026 18:16 UTC Modified: Jul 01, 2026 19:16 UTC