CVE-2006-0015

CVE Database · CVE-2006-0015

CVE-2006-0015

· N/AModified

CVSS v3.1

N/A

EPSS

24.41%

Published

Apr 11, 2006

Modified

Apr 15, 2026

Public PoC / Exploit (2)

All weaponized →

Exploit-DBMicrosoft FrontPage - Server Extensions Cross-Site Scripting TrickestTrickest PoC index

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters.

Affected Products (2)

microsoft · frontpage_server_extensionsvulnerable

microsoft · sharepoint_team_servicesvulnerable

References (20)

http://secunia.com/advisories/19623

PatchVendor Advisory

http://securityreason.com/securityalert/704

http://securitytracker.com/id?1015895

Patch

http://securitytracker.com/id?1015896

Patch

http://www.argeniss.com/research/ARGENISS-ADV-040602.txt

ExploitPatchVendor Advisory

http://www.securityfocus.com/archive/1/430803/100/0/threaded

http://www.securityfocus.com/bid/17452

ExploitPatch

KEV Catalog EPSS Scores Vendors All CVEs