Bea Systems Weblogic Express vulnerabilities
2 known vulnerabilities affecting bea_systems/weblogic_express.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2008-0903MEDIUMCVSS 4.3≤ 10.02008-02-22
CVE-2008-0903 [MEDIUM] CVE-2008-0903: Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before
Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of service (web server crash) via a crafted URL.
nvd
CVE-2008-0900MEDIUMCVSS 6.0v9.2v10.02008-02-22
CVE-2008-0900 [MEDIUM] CWE-264 CVE-2008-0900: Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through M
Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors.
nvd