CVE-2018-19893by Jeremyin Security Bulletinson Posted on December 6, 2018 SearchController.php in PbootCMS 1.2.1 has SQL injection via the index.php/Search/index.html query string.