3 matches found
Immunity Canvas: PHPFFL_INCLUDE
Name| phpfflinclude ---|--- CVE| CVE-2007-4934 Exploit Pack| CANVAS Description| phpFFL 1.24 Remote file inclusion Notes| CVSS: 4.6 Repeatability: Infinite VENDOR: phpffl CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4934 CVE Name: CVE-2007-4934...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in phpFFL 1.24 allow remote attackers to execute arbitrary PHP code via a URL in the PHPFFLFILEROOT parameter to 1 admin.php, 2 custompages.php, 3 draft.php, 4 faq.php, 5 leagues.php, 6 livedraft.php, 7 login.php, 8 myteam.php, 9 profile.php, 10...
CVE-2007-4934
CVE-2007-4934 and CVE-2007-4935 describe multiple PHP remote file inclusion (RFI) vulnerabilities in phpFFL 1.24. The issue allows an attacker to supply a URL via the PHPFFL_FILE_ROOT parameter to certain PHP files and cause arbitrary PHP code execution. For CVE-2007-4934, vectors include program...