CVE-2008-7042 Information

Feb 14, 2021 cve

Description

PHP remote file inclusion vulnerability in url.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the tmp_sid parameter.

Reference

http://www.securityfocus.com/bid/32241 http://www.vupen.com/english/advisories/2008/3096 https://exchange.xforce.ibmcloud.com/vulnerabilities/46527 freshemailscript-url-file-include(46527) https://www.exploit-db.com/exploits/7080 PHP remote file inclusion vulnerability in url.php in FreshScripts Fresh Email Script 1.0 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the tmp_sid parameter.

Share on: