PbootCMS 1.2.1 has SQL injection via the HTTP POST data to the api.php/cms/addform?fcode=1 URI.Referenceshttps://github.com/Pbootcms/Pbootcms/issues/1
