CVE-2025-12462

Published: Mar 2, 2026

Modified: Mar 31, 2026

PUBLISHED

Description

A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path in multiple parameters resulting in Blind SQL Injection. This issue was fixed in versions above 8.0.

Vendor	Product	Versions
Studio Fabryka	DobryCMS	affected `0 - < 8.0`

Weaknesses (CWE)

CWE-89

References

https://cert.pl/posts/2026/03/CVE-2025-12462/

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2025-12462

Description

Affected Products

Weaknesses (CWE)

References