CVE-2000-0685

BEA WebLogic 5.1.x - Remote Code Execution via PageCompileServlet

Title source: manual

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-0685. PoCs published by Foundstone Inc.

AI-analyzed exploit summary: This is a writeup describing a client-side vulnerability in WebLogic servers where malicious JSP/JHTML code can be uploaded and executed. It explains the mechanism but does not provide executable exploit code.

Description

BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Foundstone Inc. · text · remote · windows
https://www.exploit-db.com/exploits/20125


Classification: Writeup 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Theoretical
Target: BEA Systems WebLogic (version not specified)
No auth needed
Prerequisites: Ability to upload JSP/JHTML code to the server · Server misconfiguration allowing file execution
devstral-2 · analyzed Feb 16, 2026

References (3)

Core References
Various Sources x_refsource_confirm
http://developer.bea.com/alerts/security_000731.html
Patch, Vendor Advisory mailing-list x_refsource_bugtraq
http://archives.neohapsis.com/archives/bugtraq/2000-07/0434.html
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/1525

Scores

EPSS: 0.1226
EPSS Percentile: 95.7%

Details

Status: published
Products (3):
bea/weblogic_server 3.1.8
bea/weblogic_server 4.0.4
bea/weblogic_server 4.5.1
Published: Oct 20, 2000
Tracked Since: Feb 18, 2026