Request History

4 previous requests available

• Restore to current request
• nvdreves/view/389951
• nvdreves/view/238913
• nvdreves/view/338567
• nvdreves/view/147948

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page13594
  • sortcvssv2
  • directiondesc
  • Jvninfoscveinfos
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page13594
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.cvssv2desc
    • limit5
    • options(array)
      • page13594
      • order(array)
        • Jvninfo.cvssv2desc
      • sortcvssv2
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id15601
      • nameJVNDB-2014-004476
      • titleGNU bash における任意のコマンドを実行される脆弱性
      • summaryGNU bash は、環境変数の値の関数定義を適切に解析しないため、任意のコマンドを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2014-6278
      • cveinfo_id73570
      • nvdinfo_nameCVE-2014-6278
      • nvdinfo_id33817
      • cvssv210
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004476.html
      • published_date2014-09-29
      • registered_date2014-10-01
      • last_updated_date2015-12-24
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id73570
      • nameCVE-2014-6271
      • statusCandidate
      • descriptionGNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix.
      • phaseAssigned (20140909)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id33817
      • nameCVE-2014-6278
      • descriptionGNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.
      • reject(null)
      • CVSS_version2
      • CVSS_score10
      • severityHigh
      • CVSS_base_score10
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2014-09-30
      • modified_date2017-01-02
      • typeCVE
      • seq2014-6278
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id18929
      • nameJVNDB-2014-007804
      • titleSchneider Electric ETG3000 FactoryCast HMI Gateway のファームウェアの FTP サーバにおけるアクセス権を取得される脆弱性
      • summarySchneider Electric ETG3000 FactoryCast HMI Gateway のファームウェアの FTP サーバは、ハードコードされた認証情報を持つため、アクセス権を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2014-9198
      • cveinfo_id76491
      • nvdinfo_nameCVE-2014-9198
      • nvdinfo_id35949
      • cvssv210
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007804.html
      • published_date2014-12-19
      • registered_date2015-01-29
      • last_updated_date2015-01-29
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id76491
      • nameCVE-2014-9190
      • statusCandidate
      • descriptionStack-based buffer overflow in Schneider Electric Wonderware InTouch Access Anywhere Server 10.6 and 11.0 allows remote attackers to execute arbitrary code via a request for a filename that does not exist.
      • phaseAssigned (20141202)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id35949
      • nameCVE-2014-9198
      • descriptionThe FTP server on the Schneider Electric ETG3000 FactoryCast HMI Gateway with firmware through 1.60 IR 04 has hardcoded credentials, which makes it easier for remote attackers to obtain access via an FTP session.
      • reject(null)
      • CVSS_version2
      • CVSS_score10
      • severityHigh
      • CVSS_base_score10
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2015-01-27
      • modified_date2015-01-28
      • typeCVE
      • seq2014-9198
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id20209
      • nameJVNDB-2013-001784
      • titleOracle Java SE の Java Runtime Environment における任意のコードを実行される脆弱性
      • summaryOracle Java SE の Java Runtime Environment (JRE) および OpenJDK には、AWT に関する処理に不備があるため、任意のコードを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2013-0401
      • cveinfo_id60343
      • nvdinfo_nameCVE-2013-0401
      • nvdinfo_id36745
      • cvssv210
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001784.html
      • published_date2013-03-08
      • registered_date2013-03-11
      • last_updated_date2015-03-18
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id60343
      • nameCVE-2013-0396
      • statusCandidate
      • descriptionUnspecified vulnerability in the Application Performance Management (APM) component in Oracle Enterprise Manager Grid Control 6.5, 11.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Business Transaction Management, a different vulnerability than CVE-2013-0360.
      • phaseAssigned (20121207)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id36745
      • nameCVE-2013-0401
      • descriptionThe Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 17 and earlier, 6 Update 43 and earlier, and 5.0 Update 41 and earlier; and OpenJDK 6 and 7; allows remote attackers to execute arbitrary code via vectors related to AWT, as demonstrated by Ben Murphy during a Pwn2Own competition at CanSecWest 2013. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented on claims from another vendor that this issue is related to invocation of the system class loader by the sun.awt.datatransfer.ClassLoaderObjectInputStream class, which allows remote attackers to bypass Java sandbox restrictions.
      • reject(null)
      • CVSS_version2
      • CVSS_score10
      • severityHigh
      • CVSS_base_score10
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-18
      • published2013-03-08
      • modified_date2014-10-04
      • typeCVE
      • seq2013-0401
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id26097
      • nameJVNDB-2012-001804
      • titleGE Intelligent Platforms Proficy Plant Applications におけるサービス運用妨害 (メモリ破損) の脆弱性
      • summaryGE Intelligent Platforms Proficy Plant Applications の Proficy Server License Manager 内にある PRLicenseMgr.exe には、サービス運用妨害 (メモリ破損) 状態となる、または任意のコードを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2012-0231
      • cveinfo_id53469
      • nvdinfo_nameCVE-2012-0231
      • nvdinfo_id42368
      • cvssv210
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-001804.html
      • published_date2012-01-31
      • registered_date2012-03-19
      • last_updated_date2012-03-19
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id53469
      • nameCVE-2012-0226
      • statusCandidate
      • descriptionSQL injection vulnerability in Invensys Wonderware Information Server 4.0 SP1 and 4.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
      • phaseAssigned (20111221)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id42368
      • nameCVE-2012-0231
      • descriptionPRLicenseMgr.exe in the Proficy Server License Manager in GE Intelligent Platforms Proficy Plant Applications 5.0 and earlier allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted TCP session on port 12401.
      • reject(null)
      • CVSS_version2
      • CVSS_score10
      • severityHigh
      • CVSS_base_score10
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2012-03-15
      • modified_date2012-03-16
      • typeCVE
      • seq2012-0231
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id26865
      • nameJVNDB-2012-002572
      • titleZTE Score M デバイス上の Android 用 ZTE sync_agent プログラムにおける権限を取得される脆弱性
      • summaryZTE Score M デバイス上で稼働する Android 用 ZTE sync_agent プログラムは、コマンドへのアクセスを制御するためにハードコードされた ztex1609523 パスワードを使用するため、権限を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2012-2949
      • cveinfo_id56187
      • nvdinfo_nameCVE-2012-2949
      • nvdinfo_id44635
      • cvssv210
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002572.html
      • published_date2012-05-29
      • registered_date2012-05-31
      • last_updated_date2012-05-31
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id56187
      • nameCVE-2012-2944
      • statusCandidate
      • descriptionBuffer overflow in the addchar function in common/parseconf.c in upsd in Network UPS Tools (NUT) before 2.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (electric-power outage) via a long string containing non-printable characters.
      • phaseAssigned (20120529)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id44635
      • nameCVE-2012-2949
      • descriptionThe ZTE sync_agent program for Android 2.3.4 on the Score M device uses a hardcoded ztex1609523 password to control access to commands, which allows remote attackers to gain privileges via a crafted application.
      • reject(null)
      • CVSS_version2
      • CVSS_score10
      • severityHigh
      • CVSS_base_score10
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2012-05-29
      • modified_date2012-05-30
      • typeCVE
      • seq2012-2949
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:13594/sort:cvssv2/direction:desc/Jvninfos:cveinfos
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:13594/sort:cvssv2/direction:desc/Jvninfos:cveinfos
Remote Port	56035
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	52.14.184.10
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	52.14.184.10
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	52.14.184.10
Unique Id	aBGC9VCVHP1tJnm6fS4vDAAAAQw
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	52.14.184.10
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	52.14.184.10
Redirect Unique Id	aBGC9VCVHP1tJnm6fS4vDAAAAQw
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	52.14.184.10
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	52.14.184.10
Redirect Redirect Unique Id	aBGC9VCVHP1tJnm6fS4vDAAAAQw
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1745978101.9908
Request Time	1745978101

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php