WorkOrder CMS SQL Injection Vulnerability Allowing Login Bypass

A SQL injection vulnerability has been identified in WorkOrder CMS version 0.1.0. This vulnerability allows unauthenticated attackers to bypass login authentication by manipulating the username and password parameters. Exploitation involves injecting malicious SQL queries, such as using 'OR '1'='1'' to manipulate SQL query logic. The vulnerability arises from improper handling of user input in SQL commands, enabling attackers to access database information or execute administrative commands.

Impact

Exploitation of this vulnerability could lead to unauthorized access to the application, allowing attackers to bypass authentication and potentially gain administrative privileges.

Reproduction

To reproduce this vulnerability, send a POST request to the login endpoint with the username and password parameters. Include a payload that exploits the SQL injection, such as 'OR '1'='1' for both the username and password fields. The injection can be verified by using SQL injection techniques, such as error-based or time-based blind injection, to extract database information or execute commands.