Page 5 of 24 results (0.005 seconds)

CVSS: 10.0EPSS: 3%CPEs: 3EXPL: 2

CVE-2000-0685 – Weblogic 3.1.8/4.0.4/4.5.1 - Remote Command Execution

https://notcve.org/view.php?id=CVE-2000-0685

BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file. • https://www.exploit-db.com/exploits/20125 http://archives.neohapsis.com/archives/bugtraq/2000-07/0434.html http://developer.bea.com/alerts/security_000731.html http://www.securityfocus.com/bid/1525 •

CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0

CVE-2000-0681

https://notcve.org/view.php?id=CVE-2000-0681

Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension. • http://archives.neohapsis.com/archives/bugtraq/2000-08/0186.html http://www.securityfocus.com/bid/1570 •

CVSS: 5.0EPSS: 1%CPEs: 8EXPL: 2

CVE-2000-0500 – BEA Systems WebLogic Express 3.1.8/4/5 - Source Code Disclosure

https://notcve.org/view.php?id=CVE-2000-0500

The default configuration of BEA WebLogic 5.1.0 allows a remote attacker to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing. • https://www.exploit-db.com/exploits/20027 http://marc.info/?l=bugtraq&m=96161462915381&w=2 http://www.securityfocus.com/bid/1378 http://www.weblogic.com/docs51/admindocs/http.html#file https://exchange.xforce.ibmcloud.com/vulnerabilities/4775 •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

CVE-2000-0499

https://notcve.org/view.php?id=CVE-2000-0499

The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. • http://archives.neohapsis.com/archives/ntbugtraq/2000-q2/0262.htm http://developer.bea.com/alerts/security_000612.html http://www.securityfocus.com/bid/1328 https://exchange.xforce.ibmcloud.com/vulnerabilities/4694 • CWE-178: Improper Handling of Case Sensitivity •