28 matches found
CVE-2025-14532
DobryCMS's upload file functionality allows an unauthenticated remote attacker to upload files of any type and extension without restriction, which can result in Remote Code Execution. This issue was fixed in versions above 5.0...
CVE-2025-12462
A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path in multiple parameters resulting in Blind SQL Injection. This issue was fixed in versions above 8.0...
CVE-2025-14532 Remote Code Execution via Unrestricted File Upload in DobryCMS
DobryCMS's upload file functionality allows an unauthenticated remote attacker to upload files of any type and extension without restriction, which can result in Remote Code Execution. This issue was fixed in versions above 5.0...
CVE-2025-14532 Remote Code Execution via Unrestricted File Upload in DobryCMS
DobryCMS's upload file functionality allows an unauthenticated remote attacker to upload files of any type and extension without restriction, which can result in Remote Code Execution. This issue was fixed in versions above 5.0...
CVE-2025-12462
A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path in multiple parameters resulting in Blind SQL Injection. This issue was fixed in versions above 8.0...
CVE-2025-12462 Blind SQL Injection in DobryCMS
A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path in multiple parameters resulting in Blind SQL Injection. This issue was fixed in versions above 8.0...
CVE-2025-12462
DobryCMS has a Blind SQL Injection vulnerability (CVE-2025-12462) exploitable by a remote unauthenticated attacker via the URL path. Root cause is input handling in the URL path leading to blind SQLi. Affected: DobryCMS; fixed in versions above 8.0. Practically, upgrading to the latest release (a...
CVE-2025-12462 Blind SQL Injection in DobryCMS
A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path in multiple parameters resulting in Blind SQL Injection. This issue was fixed in versions above 8.0...
EUVD-2025-208153
A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path resulting in Blind SQL Injection. This issue was fixed in versions above 8.0...
Studio Fabryka DobryCMS SQL注入漏洞
Studio Fabryka DobryCMS is a content management system developed by Studio Fabryka. Versions of Studio Fabryka DobryCMS prior to version 8.0 had a SQL injection vulnerability. This vulnerability stemmed from SQL injections in URL paths, which could lead to blind injection attacks...
PT-2026-22581
Name of the Vulnerable Software and Affected Versions DobryCMS versions prior to 5.0 Description The software’s file upload functionality allows unauthenticated remote attackers to upload files of any type and extension without restriction. This can lead to Remote Code Execution. Recommendations...
Studio Fabryka DobryCMS 代码问题漏洞
Studio Fabryka DobryCMS is a content management system developed by Studio Fabryka. Versions of Studio Fabryka DobryCMS prior to version 5.0 had code vulnerabilities. These vulnerabilities stemmed from defects in the file upload functionality, which could lead to remote code execution...
PT-2026-22580
Name of the Vulnerable Software and Affected Versions DobryCMS versions prior to 8.0 Description A Blind SQL injection issue exists in DobryCMS. An unauthenticated remote attacker can inject SQL syntax into a URL path, leading to a Blind SQL injection. The vulnerability allows for the injection o...
CVE-2025-8536
A SQL injection vulnerability has been identified in DobryCMS. Improper neutralization of input provided by user into language functionality allows for SQL Injection attacks. This issue affects older branches of this software...
CVE-2025-8536
A SQL injection vulnerability has been identified in DobryCMS. Improper neutralization of input provided by user into language functionality allows for SQL Injection attacks. This issue affects older branches of this software...
CVE-2025-8536 SQL Injection in DobryCMS
A SQL injection vulnerability has been identified in DobryCMS. Improper neutralization of input provided by user into language functionality allows for SQL Injection attacks. This issue affects older branches of this software...
CVE-2025-8536
DobryCMS is affected by CVE-2025-8536, a SQL injection arising from improper neutralization of user input in the system’s language functionality. The vulnerability impacts older branches of DobryCMS and is rated high impact (CVSS 4.0: Critical overall, with high impact to confidentiality and inte...
CVE-2025-8536 SQL Injection in DobryCMS
A SQL injection vulnerability has been identified in DobryCMS. Improper neutralization of input provided by user into language functionality allows for SQL Injection attacks. This issue affects older branches of this software...
EUVD-2025-35848
A SQL injection vulnerability has been identified in DobryCMS. Improper neutralization of input provided by user into language functionality allows for SQL Injection attacks. This issue affects older branches of this software...
Studio Fabryka DobryCMS SQL注入漏洞
Studio Fabryka DobryCMS is a content management system from Studio Fabryka, Inc. Studio Fabryka DobryCMS suffers from a SQL injection vulnerability that stems from improper neutralization of user-entered language functions, which could lead to an SQL injection attack...