Vulnerabilities > BEA Systems > Weblogic Express > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-02-22 | CVE-2008-0903 | Denial-Of-Service vulnerability in BEA Systems Weblogic Express and Weblogic Server Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of service (web server crash) via a crafted URL. network bea-systems | 4.3 |
2008-02-22 | CVE-2008-0900 | Permissions, Privileges, and Access Controls vulnerability in multiple products Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors. | 6.0 |