Bea Systems » Weblogic Express : Security Vulnerabilities, CVEs,
Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of service (web server crash) via a crafted URL.
Max CVSS
4.3
EPSS Score
0.60%
Published
2008-02-22
Updated
2011-03-08
Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors.
Max CVSS
6.0
EPSS Score
0.23%
Published
2008-02-22
Updated
2011-03-08
2 vulnerabilities found