This website seems to have a SQL-injection vulnerability, at the password reset and login sections.
I noticed this when using a password with random symbols.
I posted this gist to remind myself to tell them to fix it, and to notify everyone else about this