CVE-2006-0015
published 2006-04-11CVE-2006-0015: Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows…
PriorityP433medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
24.41%
97.6th percentile
Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | frontpage_server_extensions | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
http://secunia.com/advisories/19623http://securityreason.com/securityalert/704http://securitytracker.com/id?1015895http://securitytracker.com/id?1015896http://www.argeniss.com/research/ARGENISS-ADV-040602.txthttp://www.securityfocus.com/archive/1/430803/100/0/threadedhttp://www.securityfocus.com/bid/17452http://www.vupen.com/english/advisories/2006/1322https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-017https://exchange.xforce.ibmcloud.com/vulnerabilities/25537https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1748http://secunia.com/advisories/19623http://securityreason.com/securityalert/704http://securitytracker.com/id?1015895http://securitytracker.com/id?1015896http://www.argeniss.com/research/ARGENISS-ADV-040602.txthttp://www.securityfocus.com/archive/1/430803/100/0/threadedhttp://www.securityfocus.com/bid/17452http://www.vupen.com/english/advisories/2006/1322https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-017https://exchange.xforce.ibmcloud.com/vulnerabilities/25537https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1748
2006-04-11
Published