CVE-2007-4809 | Online Fantasy Football League lib/functions.php DOC_ROOT code injection (EDB-4374 / XFDB-36529)

October 6, 2024
9:58 am

A vulnerability was found in Online Fantasy Football League. It has been classified as critical. Affected is an unknown function of the file lib/functions.php. The manipulation of the argument DOC_ROOT leads to code injection.

This vulnerability is traded as CVE-2007-4809. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

CVE-2007-4809 | Online Fantasy Football League lib/functions.php DOC_ROOT code injection (EDB-4374 / XFDB-36529)

Elvescore.io

Recent Posts

CVE-2025-27893 – Archer Platform Immutable Field Manipulation Information Disclosure

CVE-2024-52285 – SiPass MQTT Authentication Bypass Vulnerability

CVE-2024-56181 – Siemens SIMATIC EFI Variable Manipulation Vulnerability

CVE-2024-56182 – Siemens SIMATIC BIOS Password Bypass Vulnerability

CVE-2024-56336 – “Unsecured Bootloader Vulnerability in SINAMICS S200”

CVE-2025-23384 – Siemens OpenVPN Username Validation Vulnerability

CVE-2007-4809 | Online Fantasy Football League lib/functions.php DOC_ROOT code injection (EDB-4374 / XFDB-36529)

CVE-2007-4809 | Online Fantasy Football League lib/functions.php DOC_ROOT code injection (EDB-4374 / XFDB-36529)