Vulnerabilities > BEA > Weblogic Server > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2000-12-31 | CVE-2000-1238 | Unspecified vulnerability in BEA Weblogic Server 5.1 BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages. | 7.5 |
| 2000-06-08 | CVE-2000-0499 | Improper Handling of Case Sensitivity vulnerability in BEA Weblogic Server The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | 7.5 |