PHP remote file inclusion vulnerability in lib/classes/offl_nflteam.php in Online Fantasy Football League (OFFL) 0.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter. NOTE: this issue is disputed by CVE because a __FILE__ test protects offl_nflteam.php against direct requests
References
Configurations
History
07 Nov 2023, 02:01
Type | Values Removed | Values Added |
---|---|---|
Summary | PHP remote file inclusion vulnerability in lib/classes/offl_nflteam.php in Online Fantasy Football League (OFFL) 0.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter. NOTE: this issue is disputed by CVE because a __FILE__ test protects offl_nflteam.php against direct requests |
Information
Published : 2007-09-26 22:17
Updated : 2024-04-11 00:42
NVD link : CVE-2007-5097
Mitre link : CVE-2007-5097
CVE.ORG link : CVE-2007-5097
JSON object : View
Products Affected
online_fantasy_football_league
- offl
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')