Vulnerability Details CVE-2007-5097
PHP remote file inclusion vulnerability in lib/classes/offl_nflteam.php in Online Fantasy Football League (OFFL) 0.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter. NOTE: this issue is disputed by CVE because a __FILE__ test protects offl_nflteam.php against direct requests
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.7%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
Products affected by CVE-2007-5097
-
cpe:2.3:a:online_fantasy_football_league:offl:0.2.6