CVE-2026-12066

HIGH

PbootCMS Password MemberController.php retrieve password recovery

Title source: cna

Description

A security flaw has been discovered in PbootCMS up to 3.2.12. This vulnerability affects the function retrieve of the file apps/home/controller/MemberController.php of the component Password Handler. The manipulation of the argument username/password/email/checkcode results in weak password recovery. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.

References (6)

Core 6

Core References

Vdb Entry, Technical Description vdb-entry technical-description

VDB-370561 | PbootCMS Password MemberController.php retrieve password recovery

https://vuldb.com/vuln/370561

Signature, Permissions Required signature permissions-required

VDB-370561 | CTI Indicators (IOB, IOC, TTP, IOA)

https://vuldb.com/vuln/370561/cti

Third Party Advisory third-party-advisory

CVE-2026-12066 | CVE Analysis and Report

https://vuldb.com/cve/CVE-2026-12066

Third Party Advisory third-party-advisory

Submit #828374 | PbootCMS 3.2.12 Improper Authentication

https://vuldb.com/submit/828374

Issue Tracking issue-tracking

https://github.com/pbootcmspro/PbootCMS/issues/38

Exploit exploit

https://github.com/yunyan05/MYCVE/tree/main/PbootCMS/V3.2.12-Account-Takeover

View Exploit ZIP pw:eip

Scores

CVSS v3 7.3

EPSS 0.0047

EPSS Percentile 37.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-640

Status published

Products (13)

None/PbootCMS 3.2.0

None/PbootCMS 3.2.1

None/PbootCMS 3.2.10

None/PbootCMS 3.2.11

None/PbootCMS 3.2.12

None/PbootCMS 3.2.2

None/PbootCMS 3.2.3

None/PbootCMS 3.2.4

None/PbootCMS 3.2.5

None/PbootCMS 3.2.6

... and 3 more

Published Jun 12, 2026

Tracked Since Jun 12, 2026