4.5.1

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

network

low complexity

bea

critical

exploit available

NVD

Published: 2000-10-20

Updated: 2008-09-10

Summary

BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote attackers to compile and execute Java JSP code by directly invoking the servlet on any source file.

Vulnerable Configurations

Part	Description	Count
Application	Bea BEA Weblogic Server 3.1.8 BEA Weblogic Server 4.0.4 BEA Weblogic Server 4.5.1	3

Exploit-Db

description	NetZero ZeroPort 3.0 Weak Encryption Method Vulnerability. CVE-2000-0625,CVE-2000-0684. Local exploit for windows platform
id	EDB-ID:20081
last seen	2016-02-02
modified	2000-07-18
published	2000-07-18
reporter	Brian Carrier
source	https://www.exploit-db.com/download/20081/
title	NetZero ZeroPort 3.0 Weak Encryption Method Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References