2 matches found
CVE-2025-60266
In xckk v9.6, there is a SQL injection vulnerability in which the orderBy parameter in address/list is not securely filtered, resulting in a SQL injection vulnerability...
CVE-2025-60266
CVE-2025-60266 affects xckk v9.6. The vulnerability is a SQL injection in the orderBy parameter of the /address/list endpoint, caused by insufficient filtering. This is described across multiple sources in the connected documents as enabling SQL injection without secure input handling. The PT-202...