Vulnerabilities (CVE)

Filtered by vendor Bea Systems Subscribe
Filtered by product Weblogic Express
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0903 1 Bea Systems 2 Weblogic Express, Weblogic Server 2024-11-21 4.3 MEDIUM N/A
Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of service (web server crash) via a crafted URL.
CVE-2008-0900 2 Bea, Bea Systems 2 Weblogic Server, Weblogic Express 2024-11-21 6.0 MEDIUM N/A
Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors.