CVE-2026-12066— PbootCMS Password MemberController.php retrieve password recovery
Possible ATT&CK Techniques 1AI
T1078 · Valid AccountsGet alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-12066
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
PbootCMS Password MemberController.php retrieve password recovery
Source: NVD (National Vulnerability Database)
Vulnerability Description
A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password recovery. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Source: NVD (National Vulnerability Database)
Vulnerability Type
忘记口令恢复机制弱
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | PbootCMS | 3.2.0 | cpe:2.3:a:pbootcms:pbootcms:*:*:*:*:*:*:*:* |
II. Public POCs for CVE-2026-12066
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCVerified env Premium
Qwen3.6-35B-A3B · 9212 chars
Pro+ exclusive includes:
Vulnerability reproduction recording (real sandbox build + trigger, exclusive)
In-depth vulnerability mechanism
Trigger conditions & impact
Full executable POC code
Exploit chain & mitigation
POC zip download
100+ AI POC generations per month
III. Intelligence Information for CVE-2026-12066
请登录查看更多情报信息。
Proof of Concept for CVE-2026-12066 (2)
IV. Related Vulnerabilities
Same product: PbootCMS
- CVE-2026-4514
PbootCMS Backend UserController.php access control - CVE-2026-4510
PbootCMS Parameter MemberController.php alert_location cross - CVE-2026-4509
PbootCMS File Upload file.php incomplete blacklist - CVE-2026-4508
PbootCMS Member Login MemberController.php checkUsername sql - CVE-2025-15154
PbootCMS Header handle.php get_user_ip less trusted source
Same weakness: CWE-640
- CVE-2026-50635
LimeSurvey Password Reset Host Header Injection Discloses Re - CVE-2026-10169
OUSL-GROUP-BrinaryBrains School Student Management System Fo - CVE-2026-7459
Simple History – Track, Log, and Audit WordPress Changes <= - CVE-2026-35676
phpMyFAQ - Unauthenticated Password Reset via User Password - CVE-2026-9609
QianFox FoxCMS Admin.php edit password recovery
V. Comments for CVE-2026-12066
No comments yet