Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2008-0903 | 1 Bea Systems | 2 Weblogic Express, Weblogic Server | 2024-11-21 | 4.3 MEDIUM | N/A |
Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of service (web server crash) via a crafted URL. | |||||
CVE-2008-0900 | 2 Bea, Bea Systems | 2 Weblogic Server, Weblogic Express | 2024-11-21 | 6.0 MEDIUM | N/A |
Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors. |