CVE-2015-7568
SQL injection vulnerability in the password recovery feature in Yeager CMS 1.2.1 allows remote attackers to change the account credentials of known users via the "userEmail" parameter.
Date published : 2017-04-24
http://www.securityfocus.com/archive/1/537493/100/0/threaded