Access refused by SQL/Script injection protection in main.inc.php (type=1 key=0 value=action=forgot-password&controller=forgottenpassword&ctoken=%242y%2410%24OynhcznTWGz3ED.pvsjqJ..%2FPHgcJQscCoK4HZDpy.6g3t%2FuZT%2FHC page=/ERP/htdocs/custom/externalaccess/www/?action=forgot-password&controller=forgottenpassword&ctoken=%242y%2410%24OynhcznTWGz3ED.pvsjqJ..%2FPHgcJQscCoK4HZDpy.6g3t%2FuZT%2FHC)