- Description
- A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path in multiple parameters resulting in Blind SQL Injection. This issue was fixed in versions above 8.0.
- Source
- cvd@cert.pl
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 9.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- CRITICAL
- cvd@cert.pl
- CWE-89
- Hype score
- Not currently trending
🚨 CVE-2025-12462: Blind S... Unauthenticated blind SQLi via URL path params hitting 9.3 CVSS - complete database extraction without leaving logs. #BlindSQLi #DobryCMS #0day. https://t.co/ZPsp4psr5C #netsec #vulnerability #CVE #sysadmin #zeroday
@0dayPublishing
31 Mar 2026
135 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-12462 Blind SQL Injection Vulnerability in DobryCMS Versions 8.0 and Below https://t.co/y1iMA5a42B
@VulmonFeeds
2 Mar 2026
42 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨*CVE* CVE-2025-12462 A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path resulting in Blind S… https://t.co/GtLRTUYBzw ----- Traducción: CVE-2025-12462 Se … https://t.co/utmtNg
@infoflowcloud
2 Mar 2026
95 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-12462 A Blind SQL injection vulnerability has been identified in DobryCMS. A remote unauthenticated attacker is able to inject SQL syntax into URL path resulting in Blind S… https://t.co/nnwXEIqkry
@CVEnew
2 Mar 2026
214 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes