This plugin audits the frontpage extension configuration by trying to upload a file to the remote server using the author.dll script provided by FrontPage.

Plugin type



Name Type Default Value Description Help
stopOnFirst boolean True Stop on the first successful file upload The default value is usually a good idea, because if we can upload a file to a directory, the chances are that we can upload to every directory; and if this is the case, we would get a lot of vulnerabilities reported, that are really only one.


For more information about this plugin and the associated tests, there’s always the source code to understand exactly what’s under the hood:
github-logoPlugin source code
Unittest source code


This plugin depends on infrastructure.frontpage_version.