Critical severityNVD Advisory· Published Mar 2, 2026· Updated Apr 27, 2026

CVE-2025-12462

Description

A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path in multiple parameters resulting in Blind SQL Injection.

This issue was fixed in versions above 8.0.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

cert.pl/posts/2026/03/CVE-2025-12462/nvd

News mentions

No linked articles in our index yet.

cvss	0.585
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000