Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Online Fantasy Football League Subscribe
Filtered by product Offl
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2007-4809 1 Online Fantasy Football League 1 Offl 2017-09-28 7.5 HIGH N/A
Multiple PHP remote file inclusion vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 allow remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter to (1) lib/functions.php or (2) lib/header.php.
CVE-2007-5097 1 Online Fantasy Football League 1 Offl 2008-11-14 7.5 HIGH N/A
** DISPUTED ** PHP remote file inclusion vulnerability in lib/classes/offl_nflteam.php in Online Fantasy Football League (OFFL) 0.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter. NOTE: this issue is disputed by CVE because a __FILE__ test protects offl_nflteam.php against direct requests.