Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft frontpage vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2000-0413
The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote malicious users to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
Microsoft Frontpage
Microsoft Internet Information Server 4.0
Microsoft Internet Information Services 5.0
1 EDB exploit
1 Github repository
5
CVSSv2
CVE-2000-0122
Frontpage Server Extensions allows remote malicious users to determine the physical path of a virtual directory via a GET request to the htimage.exe CGI program.
Microsoft Frontpage 2000
Microsoft Frontpage 98
5
CVSSv2
CVE-2000-0114
Frontpage Server Extensions allows remote malicious users to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.
Microsoft Internet Information Server 3.0
Microsoft Internet Information Server 4.0
1 Github repository
5
CVSSv2
CVE-1999-1016
Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as t...
Microsoft Outlook Express 5.0
Qualcomm Eudora
Microsoft Frontpage
Microsoft Internet Explorer 5.0
1 EDB exploit
5
CVSSv2
CVE-1999-1052
Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote malicious users to read possibly sensitive information submitted by other users.
Microsoft Frontpage
5
CVSSv2
CVE-2000-0153
FrontPage Personal Web Server (PWS) allows remote malicious users to read files via a .... (dot dot) attack.
Microsoft Personal Web Server 4.0
Microsoft Frontpage
5
CVSSv2
CVE-1999-0386
Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote malicious user to read files on the server by using a nonstandard URL.
Microsoft Personal Web Server 4.0
Microsoft Frontpage
1 EDB exploit
5
CVSSv2
CVE-1999-0012
Some web servers under Microsoft Windows allow remote malicious users to bypass access restrictions for files with long file names.
Netscape Fasttrack Server 3.01
Microsoft Personal Web Server 4.0
Netscape Enterprise Server 3.0
Microsoft Internet Information Server 4.0
Netscape Fasttrack Server 2.01
Microsoft Frontpage
4.3
CVSSv2
CVE-2013-3137
Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote malicious users to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."
Microsoft Frontpage 2003
NA
CVE-2022-2170
The Microsoft Advertising Universal Event Tracking (UET) WordPress plugin prior to 1.0.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. Due to t...
Microsoft Microsoft Advertising Universal Event Tracking
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5324
path traversal
CVE-2024-4743
CVE-2024-5184
TCP
CVE-2024-27822
code injection
CVE-2024-28995
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4