How to Buy
This script is Copyright (C) 2006-2016 Tenable Network Security, Inc.
The remote web server contains a server extension that is affected by
a cross-site scripting vulnerability.
The version of Microsoft FrontPage Server Extensions 2002 / SharePoint
Team Services on the remote host is affected by a cross-site scripting
(XSS) vulnerability due to improper sanitization of user-supplied
input to the 'operation', 'command', and 'name' parameters to file
/_vti_bin/_vti_adm/fpadmdll.dll before using the input to generate
dynamic HTML. A remote attacker can exploit this issue to cause
arbitrary HTML and script code to be executed in a user's browser
session in the context of the affected website.
See also :
Microsoft has released a set of patches for Frontapage 2002 for XP and
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 21247 (frontpage_fpadmdll_xss.nasl)
Bugtraq ID: 17452
CVE ID: CVE-2006-0015
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.