Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server 9.1 vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv2
CVE-2006-2472
Unspecified vulnerability in BEA WebLogic Server 9.1 and 9.0, 8.1 through SP5, 7.0 through SP6, and 6.1 through SP7 allows untrusted applications to obtain private server keys.
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 6.1
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
4.4
CVSSv2
CVE-2008-2576
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2, 9.1, 9.0, and 8.1 SP6 has unknown impact and local attack vectors.
Oracle Weblogic Server 8.1
Oracle Weblogic Server 9.1
Oracle Weblogic Server 9.0
Oracle Weblogic Server 9.2
4.3
CVSSv2
CVE-2010-0069
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 7.0, SP7, 8.1SP6, 9.0, 9.1, 9.2MP3, 10.0MP1, and 10.3.0 allows remote malicious users to affect integrity via unknown vectors.
Oracle Bea Product Suite 10.3.0
Oracle Bea Product Suite 7.0
Oracle Bea Product Suite 9.1
Oracle Bea Product Suite 8.1
Oracle Bea Product Suite 10.0
Oracle Bea Product Suite 9.0
Oracle Bea Product Suite 9.2
4.3
CVSSv2
CVE-2009-3396
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.0, 9.1, 9.2.3, 10.0.1, and 10.3 allows remote malicious users to affect integrity, related to WLS Console.
Oracle Bea Product Suite 10.0.1
Oracle Bea Product Suite 9.1
Oracle Bea Product Suite 9.2.3
Oracle Bea Product Suite 9.0
Oracle Bea Product Suite 10.3
4.3
CVSSv2
CVE-2008-0899
Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Express 9.0 up to and including 10.0 allows remote malicious users to inject arbitrary web script or HTML via URLs that are not properly handled by the Unexpected Exception Page.
Bea Weblogic Server 9.0
Bea Weblogic Server 9.2
Bea Weblogic Server 9.1
Bea Weblogic Server 10.0
4.3
CVSSv2
CVE-2008-0902
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 up to and including 10.0 MP1 allow remote malicious users to inject arbitrary web script or HTML via unspecified samples. NOTE: this might be the same issue as CVE-2007-2694.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 10.0
Bea Systems Weblogic Server 10.0 Mp1
Bea Weblogic Server 9.1
4.3
CVSSv2
CVE-2008-0869
Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 up to and including 10.0 allows remote malicious users to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic ...
Bea Weblogic Server 9.0
Bea Weblogic Server 9.2
Bea Weblogic Workshop 8.1
Bea Weblogic Server 9.1
Bea Systems Weblogic 10.0
4.3
CVSSv2
CVE-2007-2694
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Express and WebLogic Server 6.1 through SP7, 7.0 through SP7, 8.1 through SP5, 9.0 GA, and 9.1 GA allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 6.1
Bea Weblogic Server 9.1
Bea Weblogic Server 9.0
4
CVSSv2
CVE-2007-2700
The WLST script generated by the configToScript command in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not encrypt certain attributes in configuration files when creating a new domain, which allows remote authenticated users to obtain sensitive information.
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
2.6
CVSSv2
CVE-2008-5460
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote malicious users to affect confidentiality via unknown vectors.
Oracle Bea Product Suite 9.1
Oracle Bea Product Suite 10.0
Oracle Bea Product Suite 9.0
Oracle Bea Product Suite 10.3
Oracle Bea Product Suite 9.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »