Fresh Email Script

fresh_email_script

Vendor: Freshscripts • 2 CVEs

CVEs (2)

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

1Freshscripts

1Fresh Email Script

Apr 23, 2026

Aug 24, 2009

N/A· v4

N/A· v3

4.3 MEDIUM· v2

Cross-site scripting (XSS) vulnerability in register.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to inject arbitrary web script or HTML via the Email parameter. NOTE: this can be leve...Show more

Cross-site scripting (XSS) vulnerability in register.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to inject arbitrary web script or HTML via the Email parameter. NOTE: this can be leveraged to modify cookies and conduct session fixation attacks.Show less

1Freshscripts

1Fresh Email Script

Apr 23, 2026

Aug 24, 2009

N/A· v4

N/A· v3

7.5 HIGH· v2

PHP remote file inclusion vulnerability in url.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the tmp_sid parameter.