|
307801
|
- |
|
hitachi
|
sewb3_mi-platform
sewb3_platform
|
Unspecified vulnerability in the SEWB3 messaging service in Hitachi SEWB3/PLATFORM and SEWB3/MI-PLATFORM 01-00 through 02-14-/A allows remote attackers to cause a denial of service (service outage) v…
|
CWE-20
Improper Input Validation
|
CVE-2008-0876
|
2011-03-8 12:05 |
2008-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307802
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authentication for application servlets via crafted request headers.
|
CWE-287
Improper Authentication
|
CVE-2008-0895
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307803
|
- |
|
bea_systems
|
weblogic_portal
|
BEA WebLogic Portal 10.0 and 9.2 through MP1, when an administrator deletes a single instance of a content portlet, removes entitlement policies for other content portlets, which allows attackers to …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0896
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307804
|
- |
|
bea
|
weblogic_server
|
Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users without "receive" permissions to bypass intended access restrictions and receive messages from a st…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0897
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307805
|
- |
|
bea
|
weblogic_server
|
The distributed queue feature in JMS in BEA WebLogic Server 9.0 through 10.0, in certain configurations, does not properly handle when a client cannot send a message to a member of a distributed queu…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0898
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307806
|
- |
|
bea
|
weblogic_server
|
Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Express 9.0 through 10.0 allows remote attackers to inject arbitrary web script or HTML via URLs that…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0899
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307807
|
- |
|
bea
bea_systems
|
weblogic_server
weblogic_express
|
Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors.
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2008-0900
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307808
|
- |
|
bea
bea_systems
|
weblogic_server
|
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 allow remote attackers to inject arbitrary web script or HTML via unspecified samples. NOT…
|
CWE-79
Cross-site Scripting
|
CVE-2008-0902
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307809
|
- |
|
bea_systems
|
weblogic_express
weblogic_server
|
Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and 10.0 MP2, allows remote attackers to cause a denial of servic…
|
NVD-CWE-noinfo
|
CVE-2008-0903
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
307810
|
- |
|
bea_systems
|
aqualogic_interaction
plumtree_collaboration
|
Unspecified vulnerability in the download servlet in BEA Plumtree Collaboration 4.1 through SP2 and AquaLogic Interaction 4.2 through MP1 allows remote attackers to read arbitrary files via a crafted…
|
CWE-200
Information Exposure
|
CVE-2008-0904
|
2011-03-8 12:05 |
2008-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
