=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
$ Title: NetBill Enterprise Cookie manipulation Vulnerability
$ Version: All Version
$ Author: P0W3RFU7
$ Email: Pandidan@Gmail.com
$ Description: By injecting a custom HTTP header or by injecting a META tag, it is possible to alter the cookies stored in the browser. Attackers will normally manipulate cookie values to fraudulently authenticate themselves on a web site.
=-=-=-=-=-=-=-=-=-=-=-=-(Vulnerability Details)-=-=-=-=-=-=-=-=-=-=
$ Affects: /netbill-holder/user/login/
$ Sample: http://target.com/netbill-holder/user/login/
$ Demo: http://212.80.0.249/netbill-holder/user/login/
$ Note: You must login to your account !
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Greetz:
HUrr!c4nE - Cair3x - black.shadowes - hadihadi - iM4n - Mormoroth - Mr.Hesy - irsdl - Dj7xpl - Sc0rpion , Expl0its , The-0utl4w , Mikili - Net.Edit0r - md.r00t - S3Ri0uS - NeFrin - Skitt3r & My Best Friend Takpar