
CVE-2003-0733
https://notcve.org/view.php?id=CVE-2003-0733
04 Sep 2003 — Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data 1.1, and WebLogic Server and Express 5.1 through 7.0, allow remote attackers to execute arbitrary web script and steal authentication credentials via (1) a forward instruction to the Servlet container or (2) other vulnerabilities in the WebLogic Server console application. • http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/SA_BEA03_36.00.jsp •

CVE-2003-0151
https://notcve.org/view.php?id=CVE-2003-0151
21 Mar 2003 — BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code. • http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-28.jsp •

CVE-2002-2142
https://notcve.org/view.php?id=CVE-2002-2142
31 Dec 2002 — An undocumented extension for the Servlet mappings in the Servlet 2.3 specification, when upgrading to WebLogic Server and Express 7.0 Service Pack 1 from BEA WebLogic Server and Express 6.0 through 7.0.0.1, does not prepend a "/" character in certain URL patterns, which prevents the proper enforcement of role mappings and policies in applications that use the extension. • http://dev2dev.bea.com/pub/advisory/3 •

CVE-2002-1030
https://notcve.org/view.php?id=CVE-2002-1030
04 Oct 2002 — Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections. • http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0008.html •