A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path resulting in Blind SQL Injection.
This issue was fixed in versions above 8.0.
CVSS
No CVSS.
References
| Link | Resource |
|---|---|
| https://cert.pl/posts/2026/03/CVE-2025-12462/ |
Configurations
No configuration.
History
02 Mar 2026, 13:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-03-02 13:16
Updated : 2026-03-02 20:29
NVD link : CVE-2025-12462
Mitre link : CVE-2025-12462
CVE.ORG link : CVE-2025-12462
JSON object : View
Products Affected
No product.
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')