CVSS: 5.0EPSS: 1%CPEs: 2EXPL: 1CVE-2002-0106 – BEA Systems WebLogic Server and Express 7.0 - Null Character Denial of Service
https://notcve.org/view.php?id=CVE-2002-0106
BEA Systems Weblogic Server 6.1 allows remote attackers to cause a denial of service via a series of requests to .JSP files that contain an MS-DOS device name. El Servidor 6.1 Weblogic de BEA Sistemas, permite a atacantes que remotos causar una negación de servicio vía una serie de peticiones a archivos .JSP que contengan un nombre de dispositivo de MS-DOS. • https://www.exploit-db.com/exploits/21432 http://marc.info/?l=bugtraq&m=101050440629269&w=2 http://www.iss.net/security_center/static/7808.php http://www.securityfocus.com/bid/3816 •
CVSS: 10.0EPSS: 88%CPEs: 1EXPL: 3CVE-2001-0098 – BEA Systems WebLogic Server 4.0 x/4.5 x/5.1 x - Double Dot Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0098
Buffer overflow in Bea WebLogic Server before 5.1.0 allows remote attackers to execute arbitrary commands via a long URL that begins with a ".." string. • https://www.exploit-db.com/exploits/20516 http://archives.neohapsis.com/archives/bugtraq/2000-12/0331.html http://www.securityfocus.com/bid/2138 https://exchange.xforce.ibmcloud.com/vulnerabilities/5782 •
CVSS: 7.5EPSS: 0%CPEs: 14EXPL: 0CVE-2000-1238
https://notcve.org/view.php?id=CVE-2000-1238
BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages. • ftp://ftpna.bea.com/pub/releases/patches/SecurityBEA00-0600.zip http://www.securityfocus.com/bid/5089 https://exchange.xforce.ibmcloud.com/vulnerabilities/5588 •
CVSS: 10.0EPSS: 3%CPEs: 3EXPL: 2CVE-2000-0685 – Weblogic 3.1.8/4.0.4/4.5.1 - Remote Command Execution
https://notcve.org/view.php?id=CVE-2000-0685
BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file. • https://www.exploit-db.com/exploits/20125 http://archives.neohapsis.com/archives/bugtraq/2000-07/0434.html http://developer.bea.com/alerts/security_000731.html http://www.securityfocus.com/bid/1525 •
CVSS: 5.0EPSS: 0%CPEs: 15EXPL: 0CVE-2000-0682
https://notcve.org/view.php?id=CVE-2000-0682
BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet. • http://archives.neohapsis.com/archives/bugtraq/2000-07/0410.html http://developer.bea.com/alerts/security_000731.html http://www.osvdb.org/1481 http://www.securityfocus.com/bid/1518 •