Approved changes feed: RSS · Atom

cpe:2.3:a:bea_systems:weblogic_server:10.0_mp1:*:*:*:*:*:*:*

part: a version: 10.0_mp1 update: *

VendorBea Systems (3896c7df-5770-5541-9221-c6057b3b825f)
ProductWeblogic Server (834e1e29-081b-5272-a25c-45071ce6e6a7)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2008-3257 vulnerable 2026-06-08 04:50:33.741535 db.gcve.eu details are currently unavailable. Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-0902 vulnerable 2026-06-08 04:50:18.177334 Details available
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 allow remote attackers to inject arbitrary web script or HTML via unspecified samples. NOTE: this might be the same issue as CVE-2007-2694.
Published: 2008-02-22T21:00:00.000Z
Updated: 2024-08-07T08:01:40.105Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2008-0901 vulnerable 2026-06-08 04:50:18.176348 Details available
BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force password guessing attacks, even when account lockout has been activated, via crafted URLs that indicate whether a guessed password is successful or not.
Published: 2008-02-22T21:00:00.000Z
Updated: 2024-08-07T08:01:40.056Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.