Page 30 of 152 results (0.003 seconds)

CVSS: 10.0EPSS: 3%CPEs: 3EXPL: 2

BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file. • https://www.exploit-db.com/exploits/20125 http://archives.neohapsis.com/archives/bugtraq/2000-07/0434.html http://developer.bea.com/alerts/security_000731.html http://www.securityfocus.com/bid/1525 •

CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0

BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet. • http://archives.neohapsis.com/archives/bugtraq/2000-07/0410.html http://developer.bea.com/alerts/security_000731.html http://www.osvdb.org/1481 http://www.securityfocus.com/bid/1518 •

CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0

Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension. • http://archives.neohapsis.com/archives/bugtraq/2000-08/0186.html http://www.securityfocus.com/bid/1570 •

CVSS: 10.0EPSS: 1%CPEs: 3EXPL: 2

BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file. • https://www.exploit-db.com/exploits/20081 http://archives.neohapsis.com/archives/bugtraq/2000-07/0434.html http://developer.bea.com/alerts/security_000731.html http://www.securityfocus.com/bid/1525 •

CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0

BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet. • http://archives.neohapsis.com/archives/bugtraq/2000-07/0410.html http://developer.bea.com/alerts/security_000728.html http://www.osvdb.org/1480 http://www.securityfocus.com/bid/1517 •