Vulnerabilities > BEA > Weblogic Server > 5.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2000-12-31 | CVE-2000-1238 | Unspecified vulnerability in BEA Weblogic Server 5.1 BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages. | 7.5 |
2000-10-20 | CVE-2000-0683 | Unspecified vulnerability in BEA Weblogic Server 5.1 BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet. | 5.0 |
2000-10-20 | CVE-2000-0682 | Unspecified vulnerability in BEA Weblogic Server 5.1 BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet. | 5.0 |
2000-06-21 | CVE-2000-0500 | Unspecified vulnerability in BEA Weblogic Server The default configuration of BEA WebLogic 5.1.0 allows a remote attacker to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing. | 5.0 |