Vulnerabilities > CVE-2000-0685 - Unspecified vulnerability in BEA Weblogic Server 3.1.8/4.0.4/4.5.1
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 3 |
Exploit-Db
| description | Weblogic 3.1.8/4.0.4/4.5.1 Remote Command Execution. CVE-2000-0685. Remote exploit for windows platform |
| id | EDB-ID:20125 |
| last seen | 2016-02-02 |
| modified | 2000-08-01 |
| published | 2000-08-01 |
| reporter | Foundstone Inc. |
| source | https://www.exploit-db.com/download/20125/ |
| title | Weblogic 3.1.8/4.0.4/4.5.1 - Remote Command Execution |