CVE-2025-8536
CVE-2025-8536
9.3
CriticalPublished:
Last updated:
Source:cvd@cert.pl
Deferred
Weakness (CWE)
CVSS Vector
v4.0- Attack Vector
- Network
- Attack Complexity
- Low
- Attack Requirements
- None
- Privileges Required
- None
- User Interaction
- None
- Confidentiality (Vulnerable)
- High
- Integrity (Vulnerable)
- High
- Availability (Vulnerable)
- Low
- Confidentiality (Subsequent)
- None
- Integrity (Subsequent)
- None
- Availability (Subsequent)
- None
Description
A SQL injection vulnerability has been identified in DobryCMS. Improper neutralization of input provided by user into language functionality allows for SQL Injection attacks. This issue affects older branches of this software.
References
cvd@cert.pl
https://cert.pl/posts/2025/10/CVE-2025-8536cvd@cert.pl
https://studiofabryka.pl/systemy_cms.html