Browse all 4 CVE security advisories affecting Studio Fabryka. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Studio Fabryka develops digital products and web applications, primarily serving creative industries with custom software solutions. Historically, their products have been vulnerable to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and insecure authentication mechanisms. The company has addressed multiple critical security flaws, with four CVEs recorded to date, highlighting ongoing challenges in secure coding practices. While no major public security incidents have been documented, their vulnerability profile suggests a need for strengthened security testing and regular patch management to mitigate risks in client-facing applications.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-14532 | Remote Code Execution via Unrestricted File Upload in DobryCMS — DobryCMSCWE-434 | 9.8AI | CriticalAI | 2026-03-02 |
| CVE-2025-12462 | Blind SQL Injection in DobryCMS — DobryCMSCWE-89 | 9.8AI | CriticalAI | 2026-03-02 |
| CVE-2025-8536 | SQL Injection in DobryCMS — DobryCMSCWE-89 | 9.8 | - | 2025-10-24 |
| CVE-2025-4379 | Reflected XSS in DobryCMS — DobryCMSCWE-79 | 6.1AI | MediumAI | 2025-05-23 |
This page lists every published CVE security advisory associated with Studio Fabryka. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.