4 results (0.003 seconds)

CVSS: 6.8EPSS: 14%CPEs: 2EXPL: 3

Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters. • https://www.exploit-db.com/exploits/27620 http://secunia.com/advisories/19623 http://securityreason.com/securityalert/704 http://securitytracker.com/id?1015895 http://securitytracker.com/id?1015896 http://www.argeniss.com/research/ARGENISS-ADV-040602.txt http://www.securityfocus.com/archive/1/430803/100/0/threaded http://www.securityfocus.com/bid/17452 http://www.vupen.com/english/advisories/2006/1322 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-017 •

CVSS: 4.3EPSS: 5%CPEs: 3EXPL: 0

Windows SharePoint Services and SharePoint Team Services for Windows Server 2003 does not properly validate an HTTP redirection query, which allows remote attackers to inject arbitrary HTML and web script via a cross-site scripting (XSS) attack, or to spoof the web cache. • http://www.kb.cert.org/vuls/id/340409 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-006 https://exchange.xforce.ibmcloud.com/vulnerabilities/19091 •

CVSS: 7.5EPSS: 97%CPEs: 8EXPL: 2

Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request. Desbordamiento de búfer en la funcionalidad de depuración en fp30reg.dll de Microsoft FrontPage Server Extensions 2000 y 2002 permite a atacantes remotos ejecutar código mediante una cierta petición en trozos codificada. • https://www.exploit-db.com/exploits/121 https://www.exploit-db.com/exploits/16356 http://marc.info/?l=bugtraq&m=106865318904055&w=2 http://marc.info/?l=ntbugtraq&m=106862654906759&w=2 http://secunia.com/advisories/10195 http://www.kb.cert.org/vuls/id/279156 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-051 https://exchange.xforce.ibmcloud.com/vulnerabilities/13674 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3A •

CVSS: 5.0EPSS: 41%CPEs: 8EXPL: 0

Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request. Vulnerabilidad desconocida en el intérprete SmartHTML interpreter (shtml.dll) en Microsoft FrontPage Server Extensions 2000 y 2002, y Microsoft SharePoint Team Services 2002, permite a atacantes remotos causar una denegación de servicio (fallo de respuesta) mediante una cierta petición. • http://secunia.com/advisories/10195 http://www.kb.cert.org/vuls/id/179012 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-051 https://exchange.xforce.ibmcloud.com/vulnerabilities/13680 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A308 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A591 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A606 https://oval.cis •