Demokratian genera_select.php sql injection
Description
A vulnerability was found in Demokratian. It has been rated as critical. Affected by this issue is some unknown functionality of the file basicos_php/genera_select.php. The manipulation of the argument id_provincia with the input -1%20union%20all%20select%201,2,3,4,database() leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Demokratian's genera_select.php has an unauthenticated SQL injection via the id_provincia GET parameter, allowing remote data extraction.
Vulnerability
The vulnerability is an SQL injection in basicos_php/genera_select.php in Demokratian, a PHP voting application. The id_provincia GET parameter (function fn_filtro) is passed unsanitized into a SQL query. The code does not validate or escape input; the fix changes the filter function to fn_filtro_numerico. The attack requires no authentication. The affected version is any commit prior to [1] commit b56c48b519fc52efa65404c312ea9bbde320e3fa [1].
Exploitation
An attacker sends a crafted HTTP GET request to basicos_php/genera_select.php?id_provincia=. The payload can use SQL UNION injection, e.g. -1 union all select 1,2,3,4,database(). The attacker does not need any authentication, user interaction, or special network position; exploitation is remote over HTTP [1].
Impact
Successful exploitation allows the attacker to extract arbitrary data from the database, including all voter or application tables. The injection can retrieve database names, tables, and content, leading to a complete loss of confidentiality. The integrity and availability of data are not directly impacted unless the attacker performs write operations (not described) [1].
Mitigation
A patch is available in the commit b56c48b519fc52efa65404c312ea9bbde320e3fa in the Bitbucket repository [1]. The fix changes the filtering function from fn_filtro to fn_filtro_numerico which correctly sanitizes numeric input. Users should update to the master branch or apply the code change manually. No workaround other than patching is mentioned in the references [1].
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- unspecified/Demokratianv5Range: n/a
Patches
1b56c48b519fcVulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- alquimistadesistemas.com/sql-injection-y-archivo-peligroso-en-demokratianmitrex_refsource_MISC
- bitbucket.org/csalgadow/demokratian_votaciones/commits/b56c48b519fc52efa65404c312ea9bbde320e3famitrex_refsource_MISC
- vuldb.commitrex_refsource_MISC
News mentions
0No linked articles in our index yet.