CVE 9.3 CRITICAL

SQL Injection in DobryCMS_CVE-2025-8536

October 24, 2025 invoker category_cve

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Description

A SQL injection vulnerability has been identified in DobryCMS. Improper neutralization of input provided by user into language functionality allows for SQL Injection attacks.

This issue affects older branches of this software.

AI Analysis

SQL injection vulnerability in DobryCMS due to improper neutralization of user input

Basic Information

ID CVE-2025-8536

Source CERT-PL

Published Oct 24, 2025 at 14:18

Modified Oct 24, 2025 at 14:40

Affected Product

Vendor Studio Fabryka

Product DobryCMS

Affected Versions Studio Fabryka DobryCMS 0

CWE Classification

CWE-89

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor Studio Fabryka

Product DobryCMS

References

{
    "lastseen": "",
    "description": "A SQL injection vulnerability has been identified in DobryCMS. Improper neutralization of input provided by user into language functionality allows for SQL Injection attacks.\n\nThis issue affects older branches of this software.",
    "published": "2025-10-24T14:18:20.189Z",
    "modified": "2025-10-24T14:40:35.098Z",
    "type": "cve",
    "title": "SQL Injection in DobryCMS",
    "source": "CERT-PL",
    "references": "https://cert.pl/posts/2025/10/CVE-2025-8536\nhttps://studiofabryka.pl/systemy_cms.html",
    "id": "CVE-2025-8536",
    "bulletinFamily": "",
    "cwe": [
        "CWE-89"
    ],
    "cvelist": null,
    "sourceData": "Studio Fabryka DobryCMS 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "DobryCMS",
    "version": "0",
    "vendor": "Studio Fabryka",
    "ai_description": "SQL injection vulnerability in DobryCMS due to improper neutralization of user input",
    "ai_severity": "Critical",
    "ai_vendor": "Studio Fabryka",
    "ai_product": "DobryCMS",
    "ai_version": "0",
    "ai_score": 9.3
}

💭 Join the Security Discussion ❌ Cancel Reply