CVE-2007-5097

CVE-2007-5097 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

PHP remote file inclusion vulnerability in lib/classes/offl_nflteam.php in Online Fantasy Football League (OFFL) 0.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter. NOTE: this issue is disputed by CVE because a __FILE__ test protects offl_nflteam.php against direct requests

Learn more about our Web Application Penetration Testing UK.