CVE-2025-8536

SQL Injection in DobryCMS

CVSS 9.3 CRITICALEPSS 0.3%CWE-89

A SQL injection vulnerability has been identified in DobryCMS. Improper neutralization of input provided by user into language functionality allows for SQL Injection attacks. This issue affects older branches of this software.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Affected products

Studio Fabryka · DobryCMS

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://cert.pl/posts/2025/10/CVE-2025-8536 https://studiofabryka.pl/systemy_cms.html