VYPR
Vendor

Online Fantasy Football League

Products
2
CVEs
3
Across products
5
Status
Private

Products

2

Recent CVEs

3
  • CVE-2007-5097CriSep 26, 2007
    risk 0.64cvss 9.8epss 0.01

    PHP remote file inclusion vulnerability in lib/classes/offl_nflteam.php in Online Fantasy Football League (OFFL) 0.2.6 allows remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter. NOTE: this issue is disputed by CVE because a __FILE__ test protects…

  • CVE-2007-4809Sep 11, 2007
    risk 0.08cvss epss 0.56

    Multiple PHP remote file inclusion vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 allow remote attackers to execute arbitrary PHP code via a URL in the DOC_ROOT parameter to (1) lib/functions.php or (2) lib/header.php.

  • CVE-2008-2890Jun 27, 2008
    risk 0.03cvss epss 0.01

    Multiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fflteam_id parameter to teams.php, the (2) league_id parameter to leagues.php, and the (3) player_id parameter…