VULHUB ™

phpFFL中存在多个PHP远程文件包含漏洞，远程攻击者可以借助(1) admin.php, (2) custom_pages.php, (3) draft.php, (4) faq.php, (5) leagues.php, (6) livedraft.php, (7) login.php, (8) my_team.php, (9) profile.php, (10) signup.php, (11) statistics.php, (12) transactions.php, (13) program_files/admin/custom_pages.php,或(14) program_files/common.php的PHPFFL_FILE_ROOT 参数的一个URL执行任意PHP代码。

phpFFL中存在多个PHP远程文件包含漏洞，远程攻击者可以借助(1) admin.php, (2) custom_pages.php, (3) draft.php, (4) faq.php, (5) leagues.php, (6) livedraft.php, (7) login.php, (8) my_team.php, (9) profile.php, (10) signup.php, (11) statistics.php, (12) transactions.php, (13) program_files/admin/custom_pages.php,或(14) program_files/common.php的PHPFFL_FILE_ROOT 参数的一个URL执行任意PHP代码。