2026-01-13 22:52:10
VulnCheck
PUBLISHED
WorkOrder CMS 0.1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login by manipulating username and password parameters. Attackers can inject malicious SQL queries using techniques like OR 1=1 and stacked queries to access database information or execute administrative commands.