Workordercms

Source repositories

CVE	Sev	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2023-54340	Hig	0.53	8.2	0.00		Jan 13, 2026	WorkOrder CMS 0.1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login by manipulating username and password parameters. Attackers can inject malicious SQL queries using techniques like OR '1'='1' and stacked queries to access database information or execute administrative commands.

CVE-2023-54340HigJan 13, 2026
risk 0.53cvss 8.2epss 0.00
WorkOrder CMS 0.1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login by manipulating username and password parameters. Attackers can inject malicious SQL queries using techniques like OR '1'='1' and stacked queries to access database information or execute administrative commands.