a number header injection vulnerability exists during the forgot password functionality of ArrowCMS version one.0.0. By sending a specially crafted host header within the forgot password request, it is possible to send https://www.ralantech.com/mysql-database-health-check-consulting-service/