Pbootcms · Pbootcms · CVE-2018-18211
**Name of the Vulnerable Software and Affected Versions**
PbootCMS version 1.2.1
**Description**
The issue is related to SQL injection, which can be exploited via HTTP POST data sent to the "api.php/cms/addform?fcode=1" endpoint.
**Recommendations**
For PbootCMS version 1.2.1, update to a newer version that contains a fix for this issue.