Freshscripts Fresh Email Script vulnerabilities
2 known vulnerabilities affecting freshscripts/fresh_email_script.
Total CVEs
2
CISA KEV
0
Public exploits
2
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2008-7042P3HIGHCVSS 7.5PoCv1.0v1.112009-08-24
CVE-2008-7042 [HIGH] CWE-94 CVE-2008-7042: PHP remote file inclusion vulnerability in url.php in FreshScripts Fresh Email Script 1.0 through 1.
PHP remote file inclusion vulnerability in url.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the tmp_sid parameter.
nvd
CVE-2008-7043P4MEDIUMCVSS 4.3PoCv1.0v1.112009-08-24
CVE-2008-7043 [MEDIUM] CWE-79 CVE-2008-7043: Cross-site scripting (XSS) vulnerability in register.php in FreshScripts Fresh Email Script 1.0 thro
Cross-site scripting (XSS) vulnerability in register.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to inject arbitrary web script or HTML via the Email parameter. NOTE: this can be leveraged to modify cookies and conduct session fixation attacks.
nvd