Back to search
CVE-2008-2890
Published: Jun 27, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple SQL injection vulnerabilities in Online Fantasy Football League (OFFL) 0.2.6 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) fflteam_id parameter to teams.php, the (2) league_id parameter to leagues.php, and the (3) player_id parameter to players.php.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
29861
vdb-entry
x_refsource_BID
3960
third-party-advisory
x_refsource_SREASON
5889
exploit
x_refsource_EXPLOIT-DB
30795
third-party-advisory
x_refsource_SECUNIA
offl-teams-sql-injection(43259)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now