A vulnerability was found in Demokratian. It has been rated as critical. Affected by this issue is some unknown functionality of the file basicos_php/genera_select.php. The manipulation of the argument id_provincia with the input -1%20union%20all%20select%201,2,3,4,database() leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: VulDB
Published: 2022-06-03T19:10:55
Updated: 2024-08-04T17:30:08.321Z
Reserved: 2022-06-03T00:00:00
Link: CVE-2020-36541
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-06-07T18:15:11.487
Modified: 2022-06-11T03:53:52.440
Link: CVE-2020-36541
Redhat
No data.