116 matches found
CVE-2007-5097
PHP remote file inclusion vulnerability in lib/classes/offlnflteam.php in Online Fantasy Football League OFFL 0.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the DOCROOT parameter. NOTE: this issue is disputed by CVE because a FILE test protects offlnflteam.php against...
CVE-2007-5097
PHP remote file inclusion vulnerability in lib/classes/offlnflteam.php in Online Fantasy Football League OFFL 0.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the DOCROOT parameter. NOTE: this issue is disputed by CVE because a FILE test protects offlnflteam.php against...
PT-2007-6193 · Unknown · Online Fantasy Football League
Name of the Vulnerable Software and Affected Versions: Online Fantasy Football League OFFL version 0.2.6 Description: The issue allows remote attackers to execute arbitrary PHP code via a URL in the DOC ROOT parameter in the lib/classes/offl nflteam.php file. However, it is noted that a FILE test...
Immunity Canvas: OFFL_INCLUDE
Name| offlinclude ---|--- CVE| CVE-2007-4809 Exploit Pack| CANVAS Description| Online Fantasy Football League 0.2.6 Remote file inclusion Notes| CVSS: 7.5 Repeatability: Infinite VENDOR: Online Fantasy Football League CVE Url: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4809 CVE...
Remote file inclusion
Multiple PHP remote file inclusion vulnerabilities in Online Fantasy Football League OFFL 0.2.6 allow remote attackers to execute arbitrary PHP code via a URL in the DOCROOT parameter to 1 lib/functions.php or 2 lib/header.php...
CVE-2007-4809
Multiple PHP remote file inclusion vulnerabilities in Online Fantasy Football League OFFL 0.2.6 allow remote attackers to execute arbitrary PHP code via a URL in the DOCROOT parameter to 1 lib/functions.php or 2 lib/header.php...
CVE-2007-4809
Summary : OFFL 0.2.6 (Online Fantasy Football League) contains multiple PHP remote file inclusion vulnerabilities that allow an attacker to craft a URL via the DOC_ROOT parameter to include files (lib/functions.php or lib/header.php), resulting in arbitrary PHP code execution under the web server...
CVE-2007-4809
Multiple PHP remote file inclusion vulnerabilities in Online Fantasy Football League OFFL 0.2.6 allow remote attackers to execute arbitrary PHP code via a URL in the DOCROOT parameter to 1 lib/functions.php or 2 lib/header.php...
Online Fantasy Football League (OFFL) 0.2.6 RFI Vulnerabilities
No description provided by source. --------------------------------------------------------------- / | |\ / | / |/ | | |/ | | / | | | | | |/ | | // | || | ||| /| / /\ | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg...
online-rfi.txt
--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Multiple...
Online Fantasy Football League (OFFL) 0.2.6 - Remote File Inclusion
Online Fantasy Football League OFFL 0.2.6 - Remote File Inclusion --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg...
Online Fantasy Football League (OFFL) 0.2.6 RFI Vulnerabilities
Exploit for unknown platform in category web applications =============================================================== Online Fantasy Football League OFFL 0.2.6 RFI Vulnerabilities ===============================================================...
Online Fantasy Football League (OFFL) 0.2.6 - Remote File Inclusion
--------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | | |||| /| / / --------------------------------------------------------------- Http://www.inj3ct-it.org Staffatinj3ct-itdotorg --------------------------------------------------------------- Multiple...
CVE-2005-1001
PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via direct requests to 1 the Surveys module with the file parameter set to comments or 2 3D-Fantasy/theme.php, which leaks the full pathname of the web server in a PHP error message...
CVE-2005-1001
PHP-Nuke 7.6 is affected by CVE-2005-1001, where remote attackers can obtain sensitive information. The vulnerability arises from direct requests to the Surveys module (file parameter set to comments) or to 3D-Fantasy/theme.php, which causes a PHP error message that leaks the full server pathname...
CVE-2005-1001
PHP-Nuke 7.6 allows remote attackers to obtain sensitive information via direct requests to 1 the Surveys module with the file parameter set to comments or 2 3D-Fantasy/theme.php, which leaks the full pathname of the web server in a PHP error message...