CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2000-0681
https://notcve.org/view.php?id=CVE-2000-0681
13 Oct 2000 — Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension. • http://archives.neohapsis.com/archives/bugtraq/2000-08/0186.html •
CVSS: 10.0EPSS: 3%CPEs: 3EXPL: 2CVE-2000-0685 – Weblogic 3.1.8/4.0.4/4.5.1 - Remote Command Execution
https://notcve.org/view.php?id=CVE-2000-0685
13 Oct 2000 — BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file. • https://www.exploit-db.com/exploits/20125 •
CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 2CVE-2000-0500 – BEA Systems WebLogic Express 3.1.8/4/5 - Source Code Disclosure
https://notcve.org/view.php?id=CVE-2000-0500
21 Jun 2000 — The default configuration of BEA WebLogic 5.1.0 allows a remote attacker to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing. • https://www.exploit-db.com/exploits/20027 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2000-0499
https://notcve.org/view.php?id=CVE-2000-0499
08 Jun 2000 — The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. • http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0262.htm • CWE-178: Improper Handling of Case Sensitivity •