killchain-compendium/exploit/web/php/password_reset.md

# Password Reset

* Using a password reset while inserting an email address via GET and POST method.
* `$_REQUEST` as an array favors POST over GET. So, sending the attacker email address via POST with the GET query parameter.
bump 2021-10-13 01:17:44 +02:00			`# Password Reset`

			`* Using a password reset while inserting an email address via GET and POST method.`
			* `$_REQUEST` as an array favors POST over GET. So, sending the attacker email address via POST with the GET query parameter.