CVE-2007-5097

2007-09-26T18:17:00
ID CVE-2007-5097
Type cve
Reporter NVD
Modified 2008-11-15T01:59:41

Description

DISPUTED PHP remote file inclusion vulnerability in lib/classes/offl_nflteam.php in Online Fantasy Football League (OFFL) 0.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter. NOTE: this issue is disputed by CVE because a FILE test protects offl_nflteam.php against direct requests.