CVE-2026-9609 – QianFox FoxCMS Admin.php edit password recovery

CVE ID :CVE-2026-9609

Published : May 27, 2026, 2:16 a.m. | 15 minutes ago

Description :A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem early through an issue report but has not responded yet.

Severity: 5.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-9022 – Splide Carousel Block

CVE-2026-48999 – Stored Cross-Site Scripting (XSS) vulnerability in ZTE ZXUniPOS NDS-LTE product

CVE-2026-48962 – IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob

CVE-2026-48961 – IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID