Request History

4 previous requests available

• Restore to current request
• nvdreves/view/244522
• nvdreves/view/282310
• nvdreves/view/348725
• nvdreves/view/73878

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page1226
  • sortcvssv2
  • directiondesc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page1226
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.cvssv2desc
    • limit5
    • options(array)
      • page1226
      • order(array)
        • Jvninfo.cvssv2desc
      • sortcvssv2
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id13758
      • nameJVNDB-2014-002633
      • titleEMC Documentum D2 におけるアクセス制限を回避される脆弱性
      • summaryEMC Documentum D2 には、アクセス制限を回避され、任意の Documentum Query Language (DQL) クエリを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2014-2504
      • cveinfo_id69791
      • nvdinfo_nameCVE-2014-2504
      • nvdinfo_id30922
      • cvssv29
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002633.html
      • published_date2014-05-22
      • registered_date2014-05-28
      • last_updated_date2014-05-28
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id69791
      • nameCVE-2014-2496
      • statusCandidate
      • descriptionUnspecified vulnerability in the PeopleSoft Enterprise PT PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Test Framework.
      • phaseAssigned (20140313)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id30922
      • nameCVE-2014-2504
      • descriptionEMC Documentum D2 3.1 before P20, 3.1 SP1 before P02, 4.0 before P10, 4.1 before P13, and 4.2 before P01 allows remote authenticated users to bypass intended access restrictions and execute arbitrary Documentum Query Language (DQL) queries by calling (1) a core method or (2) a D2FS web-service method.
      • reject(null)
      • CVSS_version2
      • CVSS_score9
      • severityHigh
      • CVSS_base_score9
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:S/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2014-05-25
      • modified_date2014-06-18
      • typeCVE
      • seq2014-2504
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id51134
      • nameJVNDB-2008-006444
      • titleYoxel の itpm_estimate.php における任意の PHP コードを実行される脆弱性
      • summaryYoxel の itpm_estimate.php は、Eval インジェクションの不備があるため、任意の PHP コードを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2008-5071
      • cveinfo_id35184
      • nvdinfo_nameCVE-2008-5071
      • nvdinfo_id4858
      • cvssv29
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-006444.html
      • published_date2008-11-14
      • registered_date2012-12-20
      • last_updated_date2012-12-20
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id35184
      • nameCVE-2008-5067
      • statusCandidate
      • descriptionCross-site scripting (XSS) vulnerability in search.php in Kmita Catalogue 2.x allows remote attackers to inject arbitrary web script or HTML via the q parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
      • phaseAssigned (20081113)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id4858
      • nameCVE-2008-5071
      • descriptionMultiple eval injection vulnerabilities in itpm_estimate.php in Yoxel 1.23beta and earlier allow remote authenticated users to execute arbitrary PHP code via the proj_id parameter.
      • reject(null)
      • CVSS_version2
      • CVSS_score9
      • severityHigh
      • CVSS_base_score9
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:S/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-03
      • published2008-11-14
      • modified_date2009-08-19
      • typeCVE
      • seq2008-5071
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id1215
      • nameJVNDB-2016-001988
      • titleJenkins の不特定の API エンドポイントにおける任意のコードを実行される脆弱性
      • summaryJenkins の不特定の API エンドポイントには、XStream および groovy.util.Expando に関する処理に不備があるため、任意のコードを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2016-0792
      • cveinfo_id86996
      • nvdinfo_nameCVE-2016-0792
      • nvdinfo_id17154
      • cvssv29
      • cvssv38.8
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-001988.html
      • published_date2016-02-24
      • registered_date2016-04-12
      • last_updated_date2016-08-29
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id86996
      • nameCVE-2016-0700
      • statusCandidate
      • descriptionUnspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Console, a different vulnerability than CVE-2016-0675.
      • phaseAssigned (20151209)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id17154
      • nameCVE-2016-0792
      • descriptionMultiple unspecified API endpoints in Jenkins before 1.650 and LTS before 1.642.2 allow remote authenticated users to execute arbitrary code via serialized data in an XML file, related to XStream and groovy.util.Expando.
      • reject(null)
      • CVSS_version2
      • CVSS_score9
      • severityHigh
      • CVSS_base_score9
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:S/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2016-04-07
      • modified_date2016-07-14
      • typeCVE
      • seq2016-0792
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id46015
      • nameJVNDB-2008-001325
      • titleMicrosoft Windows におけるユーザの不適切な管理に関連する権限昇格の脆弱性
      • summaryMicrosoft Windows には、あるサービスプロセスが、LocalSystem 特権昇格可能なもう一つのサービスプロセスからリソースをキャプチャを使用する場合、NetworkService および LocalService アカウントのアクティビティの割り当てを適切に行わないため、IIS からレポートされた SeImpersonatePrivilege ユーザの不適切な管理に関連する権限昇格の脆弱性が存在します。
      • cveinfo_nameCVE-2008-1436
      • cveinfo_id31549
      • nvdinfo_nameCVE-2008-1436
      • nvdinfo_id1388
      • cvssv29
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001325.html
      • published_date2008-04-17
      • registered_date2008-05-15
      • last_updated_date2009-05-15
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id31549
      • nameCVE-2008-1432
      • statusCandidate
      • descriptionCross-site scripting (XSS) vulnerability in SolutionSearch.do in ManageEngine SupportCenter Plus 7.0.0 allows remote attackers to inject arbitrary web script or HTML via the searchText parameter, a related issue to CVE-2008-1299. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
      • phaseAssigned (20080320)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id1388
      • nameCVE-2008-1436
      • descriptionMicrosoft Windows XP Professional SP2, Vista, and Server 2003 and 2008 does not properly assign activities to the (1) NetworkService and (2) LocalService accounts, which might allow context-dependent attackers to gain privileges by using one service process to capture a resource from a second service process that has a LocalSystem privilege-escalation ability, related to improper management of the SeImpersonatePrivilege user right, as originally reported for Internet Information Services (IIS), aka Token Kidnapping.
      • reject(null)
      • CVSS_version2
      • CVSS_score9
      • severityHigh
      • CVSS_base_score9
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:S/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-03
      • published2008-04-21
      • modified_date2011-03-07
      • typeCVE
      • seq2008-1436
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id4032
      • nameJVNDB-2016-004805
      • titleOpen Ticket Request System の FAQ パッケージにおける SQL インジェクションの脆弱性
      • summaryOpen Ticket Request System (OTRS) の FAQ パッケージには、SQL インジェクションの脆弱性が存在します。
      • cveinfo_nameCVE-2016-5843
      • cveinfo_id92350
      • nvdinfo_nameCVE-2016-5843
      • nvdinfo_id20976
      • cvssv29
      • cvssv39.4
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004805.html
      • published_date2016-06-25
      • registered_date2016-09-21
      • last_updated_date2016-09-21
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id92350
      • nameCVE-2016-5531
      • statusCandidate
      • descriptionUnspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS-WebServices.
      • phaseAssigned (20160616)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id20976
      • nameCVE-2016-5843
      • descriptionMultiple SQL injection vulnerabilities in the FAQ package 2.x before 2.3.6, 4.x before 4.0.5, and 5.x before 5.0.5 in Open Ticket Request System (OTRS) allow remote attackers to execute arbitrary SQL commands via crafted search parameters.
      • reject(null)
      • CVSS_version2
      • CVSS_score9
      • severityHigh
      • CVSS_base_score9
      • CVSS_impact_subscore8.5
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:C/I:P/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2016-09-16
      • modified_date2016-11-28
      • typeCVE
      • seq2016-5843
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:1226/sort:cvssv2/direction:desc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:1226/sort:cvssv2/direction:desc
Remote Port	64791
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.34
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.2.215.120
Http Via	1.1 squid-proxy-5b5d847c96-dtl4j (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=t8bs1503ofrc32vf3i8rj3ugm0
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.34
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.34
Unique Id	aHPAkvrQX6nAuEZGsqVBgQAAALc
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.34
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.34
Redirect Unique Id	aHPAkvrQX6nAuEZGsqVBgQAAALc
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.34
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.34
Redirect Redirect Unique Id	aHPAkvrQX6nAuEZGsqVBgQAAALc
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1752416402.4644
Request Time	1752416402

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php