This indicates a vulnerability in Online Fantasy Football League (OFFL). This vulnerability is caused the failure to validate the "DOC_ROOT" parameter in the "lib/functions.php" and "lib/header.php" scripts. It allows remote attackers to include malicious PHP scripts and execute arbitrary commands.
OFFL OFFL 0.2.6
OFFL OFFL 0.2.3
System compromise, remote script execution.
Currently we are not aware of any official fix for this issue.