a bunch header injection vulnerability exists in the forgot password features of ArrowCMS version one.0.0. By sending a specially crafted host header inside the forgot password ask for, it is possible to send out https://www.ralantech.com/mysql-database-health-check-consulting-service/