Vulnerabilities > Freshscripts
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-08-24 | CVE-2008-7043 | Cross-Site Scripting vulnerability in Freshscripts Fresh Email Script 1.0/1.11 Cross-site scripting (XSS) vulnerability in register.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to inject arbitrary web script or HTML via the Email parameter. | 4.3 |
2009-08-24 | CVE-2008-7042 | Code Injection vulnerability in Freshscripts Fresh Email Script 1.0/1.11 PHP remote file inclusion vulnerability in url.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the tmp_sid parameter. | 7.5 |