Sql injection

A vulnerability was found in Demokratian. It has been rated as critical. Affected by this issue is some unknown functionality of the file basicosphp/generaselect.php. The manipulation of the argument idprovincia with the input -1%20union%20all%20select%201,2,3,4,database leads to sql injection. T...

CVE-2020-36541

Summary : Demokratian web application SQL injection in basicos_php/genera_select.php. The vulnerability occurs in the id_provincia parameter via payload like -1%20union%20all%20select%201,2,3,4,database(), enabling unauthorized database access. The issue is described as remote and publicly exploi...