A vulnerability was reported in Oracle WebLogic in the Apache Connector. A remote user can execute arbitrary code on the target system.
A remote user can send a specially crafted HTTP POST request to execute arbitrary code on the target system. The code will run with the privileges of the target service.
The article continues at http://www.securitytracker.com/alerts/2008/Jul/1020520.html