Security Basics mailing list archives

Brute force risk in Exactseek.com


From: iKincideReceyaNik () yaHoo com
Date: 18 Jan 2006 15:58:05 -0000

"ExactSeek.com is a meta tag search engine and web directory, featuring over 3 million free, enhanced and paid site 
listings."

has a brute force risk in its member panel for the web sites.

With the help of this risk, an attacker may find the password and member ID and can change the information about the victim's account.

The Member ID string is 7 characters long and consists only of numbers. The Password string is 6 characters long and consists of numbers and letters, and the password cannot be changed by the user.

Brief example:

URL : http://www.exactseek.com/cgi-bin/member.cgi?m=[MemberID]&p=[PassWorD]
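
A defensive sketch, added here and not part of the original post: since the member ID and password travel in the query string of member.cgi, they land in web server access logs, where a review can count distinct ID/password pairs per client. The combined-style log format, the sample lines, the addresses and the threshold are assumptions constructed for illustration.

```python
import hashlib
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Assumed log layout: Apache combined-style, GET requests only.
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "GET (\S+) HTTP/[\d.]+" \d{3} ')

def _line(ip, member, password):
    """Build one constructed log line using the URL shape from the post."""
    return (f'{ip} - - [18/Jan/2006:15:00:00 +0000] '
            f'"GET /cgi-bin/member.cgi?m={member}&p={password} HTTP/1.1" 200 512')

# Constructed sample input (documentation addresses, made-up credentials).
SAMPLE_LOG = "\n".join(
    [_line("198.51.100.7", "1000001", f"guess{i}") for i in range(6)]
    + [_line("203.0.113.9", "2000002", "abc123")] * 2
    + ['203.0.113.9 - - [18/Jan/2006:15:00:00 +0000] "GET /index.html HTTP/1.1" 200 1024']
)

def find_guessing_clients(log_text, path="/cgi-bin/member.cgi", threshold=5):
    """Return {client_ip: number of distinct (m, p) pairs tried} for clients
    that reached the threshold. Pairs are stored as digests so the report
    does not hold a second copy of the logged credentials."""
    attempts = defaultdict(set)
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, target = match.groups()
        url = urlsplit(target)
        if url.path != path:
            continue
        query = parse_qs(url.query)
        member = query.get("m", [""])[0]
        password = query.get("p", [""])[0]
        if member and password:
            digest = hashlib.sha256(f"{member}\0{password}".encode()).hexdigest()
            attempts[client].add(digest)
    return {ip: len(seen) for ip, seen in attempts.items() if len(seen) >= threshold}

if __name__ == "__main__":
    for ip, count in find_guessing_clients(SAMPLE_LOG).items():
        print(f"{ip}: {count} distinct member ID/password pairs")
```

A repeated login with the same pair counts once, so a returning member does not trip the threshold.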

