GCVE - cpe:2.3:a:bea:weblogic_server:5.1:sp12:express:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:bea:weblogic_server:5.1:sp12:express:*:*:*:*:*

part: a version: 5.1 update: sp12

Vendor	Bea (`c4fe31a7-8f48-5c00-b7c2-e6a20391219c`)
Product	Weblogic Server (`ebf23157-7e5f-5cf4-ba69-dda04749aa52`)
Edition	express
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2004-2320`	vulnerable	2026-06-03 14:26:47.077563	Details available The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting. Published: 2005-08-16T04:00:00.000Z Updated: 2026-05-28T17:55:12.478Z Open on db.gcve.eu Reference links https://exchange.xforce.ibmcloud.com/vulnerabilities/14959 http://www.kb.cert.org/vuls/id/867593 http://dev2dev.bea.com/pub/advisory/68 http://www.securityfocus.com/bid/9506 http://secunia.com/advisories/10726	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2002-1030`	vulnerable	2026-06-03 14:26:15.662512	Details available Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections. Published: 2003-04-02T05:00:00.000Z Updated: 2024-08-08T03:12:16.665Z Open on db.gcve.eu Reference links http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0008.html http://www.securityfocus.com/bid/5159 http://www.iss.net/security_center/static/9486.php http://online.securityfocus.com/archive/1/281046 http://dev2dev.bea.com/resourcelibrary/advisoriesdetail.jsp?highlight=advisoriesnotifications&path=components%2Fdev2dev%2Fresourcelibrary%2Fadvisoriesnotifications%2Fadvisory_BEA02-19.htm	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0683`	vulnerable	2026-06-03 14:25:59.691612	Details available BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:28:41.513Z Open on db.gcve.eu Reference links http://www.osvdb.org/1480 http://www.securityfocus.com/bid/1517 http://archives.neohapsis.com/archives/bugtraq/2000-07/0410.html http://developer.bea.com/alerts/security_000728.html	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2000-0682`	vulnerable	2026-06-03 14:25:59.687129	Details available BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet. Published: 2000-10-13T04:00:00.000Z Updated: 2024-08-08T05:28:40.950Z Open on db.gcve.eu Reference links http://developer.bea.com/alerts/security_000731.html http://archives.neohapsis.com/archives/bugtraq/2000-07/0410.html http://www.osvdb.org/1481 http://www.securityfocus.com/bid/1518	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.

BEA Systems WebLogic Express 5.1 SP12

PURL mappings

Vulnerability references

Contribute