CVE-2025-60266 | THREATINT

Description

In xckk v9.6, there is a SQL injection vulnerability in which the orderBy parameter in address/list is not securely filtered, resulting in a SQL injection vulnerability.

PUBLISHED Reserved 2025-09-26 | Published 2025-10-09 | Updated 2025-10-09 | Assigner mitre

References

gitee.com/bestfeng/xckk

github.com/int-ux/report/issues/2

cve.org (CVE-2025-60266)

nvd.nist.gov (CVE-2025-60266)

Download JSON