Summary
PHPFootball is prone to an information-disclosure vulnerability because it fails to properly sanitize user-supplied input.
An attacker can exploit this vulnerability to obtain sensitive information that may lead to further attacks.
PHPFootball 1.6 is vulnerable
other versions may also be affected.
Severity
Classification
-
CVE CVE-2009-0711 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Struts2/XWork Remote Command Execution Vulnerability
- Apache Struts2 'XWork' Information Disclosure Vulnerability
- 11in1 Cross Site Request Forgery and Local File Include Vulnerabilities
- Apache ActiveMQ Persistent Cross-Site Scripting Vulnerability
- Apache Open For Business HTML injection vulnerability