CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 2CVE-2000-0684 – NetZero ZeroPort 3.0 - Weak Encryption Method
https://notcve.org/view.php?id=CVE-2000-0684
BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file. • https://www.exploit-db.com/exploits/20081 http://archives.neohapsis.com/archives/bugtraq/2000-07/0434.html http://developer.bea.com/alerts/security_000731.html http://www.securityfocus.com/bid/1525 •
CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0CVE-2000-0683
https://notcve.org/view.php?id=CVE-2000-0683
BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet. • http://archives.neohapsis.com/archives/bugtraq/2000-07/0410.html http://developer.bea.com/alerts/security_000728.html http://www.osvdb.org/1480 http://www.securityfocus.com/bid/1517 •
CVSS: 5.0EPSS: 1%CPEs: 8EXPL: 2CVE-2000-0500 – BEA Systems WebLogic Express 3.1.8/4/5 - Source Code Disclosure
https://notcve.org/view.php?id=CVE-2000-0500
The default configuration of BEA WebLogic 5.1.0 allows a remote attacker to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing. • https://www.exploit-db.com/exploits/20027 http://marc.info/?l=bugtraq&m=96161462915381&w=2 http://www.securityfocus.com/bid/1378 http://www.weblogic.com/docs51/admindocs/http.html#file https://exchange.xforce.ibmcloud.com/vulnerabilities/4775 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2000-0499
https://notcve.org/view.php?id=CVE-2000-0499
The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. • http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0262.htm http://developer.bea.com/alerts/security_000612.html http://www.securityfocus.com/bid/1328 https://exchange.xforce.ibmcloud.com/vulnerabilities/4694 • CWE-178: Improper Handling of Case Sensitivity •