Rayan Information Technology SQLi Vulnerability

As reported on CXSecurity.com, cracker VAHiD ZOOM has found a SQL injection vulnerability on web designer platform of Rayan Information Technology. Examples of this vulnerability can be seen at following locations:

http://sport-ac.ir/uploaded/view_file_group.php?ci=59%27
http://handballrazavi.ir/uploaded/view_file_group.php?ci=11%27
http://anjomanharazavi.ir/uploaded/view_file_group.php?ci=3%27
http://dartrazavi.ir/uploaded/view_file_group.php?ci=4%27
http://www.tabaran.com/uploaded/view_file_group.php?ci=5%27

With attention to the big number of websites designed by Rayan Information Technology Company this vulnerability is a vulneravility that can affect many people, althoguh of course the risk is low it should be fixed as soon as possible.

Leave a Reply

Your email address will not be published. Required fields are marked *