ГлавнаяУязвимости → CVE-2025-14532
9.8критическая

CVE-2025-14532

Описание

DobryCMS's upload file functionality allows an unauthenticated remote attacker to upload files of any type and extension without restriction, which can result in Remote Code Execution. This issue was fixed in versions above 5.0.

Затрагиваемое ПО
Studiofabryka Dorbycms
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://cert.pl/posts/2026/03/CVE-2025-12462/