SQL Injection vulnerability in GoAdminGroup GoAdmin (last release v1.2.26) allows a remote attacker to execute arbitrary code and obtain sensitive information via the the __sort_type URL parameter on all /admin/info/{table} endpoints
https://github.com/GoAdminGroup/go-admin/tree/main
https://blog.silentgrid.com/ai-assisted-penetration-testing-in-practice/