CVE-2026-28226 | phishingclub Phishing Club up to 1.30.1 Endpoint RemapOrderBy sortBy sql injection (GHSA-4r69-4qff-ccj3)

Inserito da Angelo Barbosa | Feb 27, 2026 | CVE

A vulnerability labeled as critical has been found in phishingclub Phishing Club up to 1.30.1. The affected element is the function RemapOrderBy of the component Endpoint. Such manipulation of the argument sortBy leads to sql injection.

This vulnerability is traded as CVE-2026-28226. The attack may be launched remotely. There is no exploit available.

The affected component should be upgraded.

CVE-2026-28226 | phishingclub Phishing Club up to 1.30.1 Endpoint RemapOrderBy sortBy sql injection (GHSA-4r69-4qff-ccj3)

Post correlati

CVE-2025-22906 | RE11S 1.11 /goform/setWAN L2TPUserName command injection

CVE-2024-13438 | SpeedSize Image & Video AI-Optimizer Plugin up to 1.5.1 on WordPress cross-site request forgery

CVE-2024-5045 | SourceCodester Online Birth Certificate Management System 1.0 /admin file access

CVE-2025-8527 | Exrick xboot up to 3.3.4 Swagger SecurityController.java loginUrl server-side request forgery