Personal Fav. #4:
Persistent XSS on admin login page
●Steal session IDs
●Overwrite login form’s ‘action’ attribute: phish the admin password!
●Phishing heaven!
●Real example: Persistent XSS on Aruba 800 Mobility Controller's login page [link]
  ○You own the controller, you own all the WAPs – sweet! :)
●Credits: Adair Collins, Steve Palmer and Jan Fry
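
Added example (not from the original slides): a defender-side check for the form-hijack bullet, flagging any login form 'action' value that would send credentials off the page's own origin, plus the CSP `form-action` header that has the browser enforce the same rule. The hostnames, sample values and function names are constructed for illustration.

```javascript
// Added example: hostnames and paths below are constructed placeholders.
const PAGE_URL = "https://controller.example/admin/login";

// Header that makes the browser itself refuse cross-origin form submissions.
const CSP_HEADER = ["Content-Security-Policy", "form-action 'self'"];

// Resolve an action attribute the way a browser does, relative to the page.
// Returns null when the value cannot be parsed as a URL.
function resolveAction(action, pageUrl) {
  try {
    return new URL(action == null ? "" : String(action), pageUrl);
  } catch (e) {
    return null;
  }
}

// True only if submitting the form keeps the credentials on the page's origin.
function staysOnOrigin(action, pageUrl) {
  const target = resolveAction(action, pageUrl);
  if (target === null) return false;
  // Non-web schemes (javascript:, data:, ...) are never a valid submit target.
  if (target.protocol !== "https:" && target.protocol !== "http:") return false;
  // Origin covers scheme, host and port, so an http downgrade is also caught.
  return target.origin === new URL(pageUrl).origin;
}

// Audit observed action values (e.g. from a rendered-DOM snapshot or crawler).
function auditActions(actions, pageUrl) {
  return actions
    .filter((a) => !staysOnOrigin(a, pageUrl))
    .map((a) => {
      const t = resolveAction(a, pageUrl);
      return { action: a, resolved: t ? t.href : null };
    });
}

// Constructed sample values: the first three are legitimate, the rest are not.
const SAMPLE_ACTIONS = [
  "", "/admin/login", "https://controller.example/auth",
  "https://collector.example/login", "//collector.example/login",
  "http://controller.example/admin/login", "javascript:void(0)",
];

const findings = auditActions(SAMPLE_ACTIONS, PAGE_URL);
console.log(CSP_HEADER.join(": "));
for (const f of findings) console.log("off-origin form target:", f.action, "->", f.resolved);
```

The header only constrains where the form may submit; the injected script itself still has to be removed by fixing the output encoding of the stored value.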