PT-2026-43471 · Qianfox · Foxcms

Lzihan

·

Published

2026-05-27

·

Updated

2026-05-27

·

CVE-2026-9609

CVSS v2.0

5.8

Medium

VectorAV:N/AC:L/Au:M/C:P/I:P/A:P
Name of the Vulnerable Software and Affected Versions QianFox FoxCMS versions prior to 1.2.7
Description A flaw exists in the Edit() function within the Admin.php file that allows for weak password recovery. This issue can be exploited remotely by an attacker.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-9609

Affected Products

Foxcms