CVE-2020-36541

Name of the Vulnerable Software and Affected Versions Demokratian (affected versions not specified)

Description A critical issue has been found in Demokratian, affecting some unknown functionality of the file basicos php/genera select.php. The manipulation of the id provincia argument with the input -1 union all select 1,2,3,4,database() leads to SQL injection. This issue can be exploited remotely. The exploit has been disclosed to the public and may be used.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.