VYPR

Poweraward

by Poweraward

CVEs (2)

  • CVE-2008-5204Nov 21, 2008
    risk 0.03cvss epss 0.02

    Multiple directory traversal vulnerabilities in PowerAward 1.1.0 RC1, when register_globals is enabled, allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the lang parameter to (1) agb.php, (2) angemeldet.php, (3)…

  • CVE-2008-5203Nov 21, 2008
    risk 0.03cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in external_vote.php in PowerAward 1.1.0 RC1 allows remote attackers to inject arbitrary web script or HTML via the l_vote_done parameter.