a number header injection vulnerability exists inside the forgot password features of ArrowCMS Variation 1.0.0. By sending a specifically crafted host header within the forgot password request, it is possible to deliver https://www.ralantech.com/mysql-database-health-check-consulting-service/