DobryCMS Unrestricted File Upload Vulnerability Allowing Remote Code Execution

Vulnerability

A vulnerability in DobryCMS's file upload feature allows unauthenticated remote attackers to upload files of any type and extension without restriction. This unrestricted file upload can lead to remote code execution. The vulnerability exists in DobryCMS versions 1.0 through 1.* inclusive, 2.0 through 2.* inclusive, and version 5.0. It was fixed in versions above 5.0.

Impact

Exploitation of this vulnerability could result in remote code execution on the server where DobryCMS is hosted.

Added: Mar 2, 2026, 1:18 PM

Updated: Mar 2, 2026, 10:08 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

7.4

remediation

0.0

relevance

3.4

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

DobryCMS Unrestricted File Upload Vulnerability Allowing Remote Code Execution

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating