13 matches found
Microsoft FrontPage Server Extensions Cross Site Scripting (MS06-017: CVE-2006-0015)
A Cross Site Scripting vulnerability exists in Microsoft FrontPage Server Extensions and Microsoft SharePoint Team Services. The vulnerability is caused as a result of the failure of these products to properly validate certain CGI parameters passed to them. This vulnerability allows arbitrary HTM...
Microsoft SharePoint Cross Site Scripting Vulnerability
This host is running Microsoft SharePoint Server and is prone to Cross Site Scripting vulnerability. OpenVAS Vulnerability Test $Id: gbmssharepointxssvuln.nasl 5323 2017-02-17 08:49:23Z teissa $ Microsoft SharePoint Cross Site Scripting Vulnerability Authors: Antu Sanadi Copyright: Copyright c 20...
Microsoft SharePoint <= 12.0.0.6421 XSS Vulnerability
Microsoft SharePoint Server is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only nb: While onl...
FreeBSD Ports: frontpage -- cross site scripting vulnerability
The remote host is missing an update to the system as announced in the referenced advisory. VID c0171f59-ea8a-11da-be02-000c6ec775d9 OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
Microsoft FrontPage Server Extensions跨站脚本漏洞(MS06-017)
FrontPage Server Extensions为FrontPage服务扩展,与IIS一起使用可以方便的支持管理、创建以及浏览FrontPage扩展的网站。 FrontPage Server Extensions对HTML页面的处理存在输入验证漏洞,远程攻击者可能在客户机器上执行任意脚本代码。 FrontPage Server Extensions的fpadmdll.dll中的一些参数没有正确的过滤返回给用户的特定输入,导致跨站脚本问题,可能允许攻击者以当前会话权限以客户机的浏览器中执行恶意脚本代码,利用这个漏洞必须用户交互。...
Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting
Argeniss Security Advisory Name: Vulnerability in Microsoft FrontPage Server Extensions Could Allow Cross-Site Scripting MS06-17 Affected Software: Microsoft FrontPage Server Extensions 2002 and Microsoft SharePoint Team Services Severity: Medium Remote exploitable: Yes User intervention required...
Cross site scripting
Cross-site scripting XSS vulnerability in vtibin/vtiadm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the 1...
CVE-2006-0015
Cross-site scripting XSS vulnerability in vtibin/vtiadm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the 1...
CVE-2006-0015
The CVE-2006-0015 entry describes a cross-site scripting (XSS) vulnerability in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services via the /_vti_bin/_vti_adm/fpadmdll.dll page. The root cause is improper sanitization of CGI parameters (operation, command, name), allowing remo...
Microsoft Security Bulletin MS05-006
Microsoft Security Bulletin MS05-006 Vulnerability in Windows SharePoint Services and SharePoint Team Services Could Allow Cross-Site Scripting and Spoofing Attacks 887981 Issued: February 8, 2005 Version: 1.0 Summary Who should read this document: Customers who use Microsoft Windows SharePoint...
CVE-2003-0824
Unknown vulnerability in the SmartHTML interpreter shtml.dll in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service response failure via a certain request...
Security Update for SharePoint Team Services (KB911701)
A cross-site scripting and spoofing vulnerability exists in SharePoint Team Services from Microsoft. This update fixes that vulnerability...
Security Update for SharePoint Team Services (KB890829)
A security vulnerability exists in SharePoint Team Services from Microsoft that could allow cross-site scripting and spoofing attacks. This update resolves that vulnerability...