CVE-2026-32813
Admidio CVE-2026-32813 describes a second-order SQL injection in the MyList configuration feature. Versions 5.0.6 and earlier store user-supplied column names, sort directions, and filter conditions in adm_list_columns via prepared statements (safe write), but read these values back and interpola...