|
270631
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security policies, which allows remote attackers to obtain sensitive information and potentially launch further…
|
CWE-200
Information Exposure
|
CVE-2008-0863
|
2011-03-8 12:05 |
2008-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270632
|
- |
|
bea
|
weblogic_workshop
|
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Workshop allow remote attackers to inject arbitrary web script or HTML via an invalid action URI, which is not properly handled by …
|
CWE-79
Cross-site Scripting
|
CVE-2008-0866
|
2011-03-8 12:05 |
2008-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270633
|
- |
|
bea
bea_systems
|
weblogic_server
weblogic_workshop
weblogic
|
Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via a "fram…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0869
|
2011-03-8 12:05 |
2008-02-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270634
|
- |
|
hitachi
|
eur_print_manager
|
Unspecified vulnerability in Hitachi EUR Print Manager, and related Client and Local Server products, 05-06 through 05-06-/B and 05-08 allows remote attackers to cause a denial of service (service ha…
|
NVD-CWE-noinfo
|
CVE-2008-0875
|
2011-03-8 12:05 |
2008-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270635
|
- |
|
hitachi
|
sewb3_mi-platform
sewb3_platform
|
Unspecified vulnerability in the SEWB3 messaging service in Hitachi SEWB3/PLATFORM and SEWB3/MI-PLATFORM 01-00 through 02-14-/A allows remote attackers to cause a denial of service (service outage) v…
|
CWE-20
Improper Input Validation
|
CVE-2008-0876
|
2011-03-8 12:05 |
2008-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270636
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authentication for application servlets via crafted request headers.
|
CWE-287
Improper Authentication
|
CVE-2008-0895
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270637
|
- |
|
bea_systems
|
weblogic_portal
|
BEA WebLogic Portal 10.0 and 9.2 through MP1, when an administrator deletes a single instance of a content portlet, removes entitlement policies for other content portlets, which allows attackers to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0896
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270638
|
- |
|
bea
|
weblogic_server
|
Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users without "receive" permissions to bypass intended access restrictions and receive messages from a st…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0897
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270639
|
- |
|
bea
|
weblogic_server
|
The distributed queue feature in JMS in BEA WebLogic Server 9.0 through 10.0, in certain configurations, does not properly handle when a client cannot send a message to a member of a distributed queu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0898
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
270640
|
- |
|
bea
|
weblogic_server
|
Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Express 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via URLs that…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0899
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
