RSS   Vulnerabilities for 'OFFL'   RSS

2007-09-26
 
CVE-2007-5097

CWE-94
 

 
** DISPUTED ** PHP remote file inclusion vulnerability in lib/classes/offl_nflteam.php in Online Fantasy Football League (OFFL) 0.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter. NOTE: this issue is disputed by CVE because a __FILE__ test protects offl_nflteam.php against direct requests.

 
2007-09-11
 
CVE-2007-4809

 

 
Multiple PHP remote file inclusion vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 allow remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter to (1) lib/functions.php or (2) lib/header.php.

 


Copyright 2024, cxsecurity.com

 

Back to Top