CVE-2026-9609 | QianFox FoxCMS up to 1.2.6 Admin.php edit password recovery

A vulnerability, which was classified as critical, has been found in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery.

This vulnerability is documented as CVE-2026-9609. The attack can be initiated remotely. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.VulDB Recent EntriesRead More