Request History

4 previous requests available

• Restore to current request
• cvereves/view/794994
• cvereves/view/4109
• nvdinfos/view/18156
• nvdinfos/view/10254

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page13662
  • sorttitle
  • directionasc
  • Jvninfoscveinfos
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page13662
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.titleasc
    • limit5
    • options(array)
      • page13662
      • order(array)
        • Jvninfo.titleasc
      • sorttitle
      • directionasc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id8721
      • nameJVNDB-2015-004041
      • title複数の Pulse Connect Secure 製品における中間者攻撃を実行される脆弱性
      • summaryPulse Connect Secure (別名 PCS/旧 Juniper PCS) PSC6000、 PCS6500、および MAG PSC360 は、Hardware Acceleration が有効になっている場合、Finished TLS ハンドシェイクメッセージを適切に検証しないため、中間者攻撃 (man-in-the-middle attack) を実行される脆弱性が存在します。
      • cveinfo_nameCVE-2015-5369
      • cveinfo_id82594
      • nvdinfo_nameCVE-2015-5369
      • nvdinfo_id26552
      • cvssv24.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-004041.html
      • published_date2015-08-01
      • registered_date2015-08-12
      • last_updated_date2015-08-12
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id82594
      • nameCVE-2015-5317
      • statusCandidate
      • descriptionThe Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request.
      • phaseAssigned (20150701)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id26552
      • nameCVE-2015-5369
      • descriptionPulse Connect Secure (aka PCS and formerly Juniper PCS) PSC6000, PCS6500, and MAG PSC360 8.1 before 8.1r5, 8.0 before 8.0r13, 7.4 before 7.4r13.5, and 7.1 before 7.1r22.2 and PPS 5.1 before 5.1R5 and 5.0 before 5.0R13, when Hardware Acceleration is enabled, does not properly validate the Finished TLS handshake message, which makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted Finished message.
      • reject(null)
      • CVSS_version2
      • CVSS_score4.3
      • severityMedium
      • CVSS_base_score4.3
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:N/I:P/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2015-08-11
      • modified_date2015-08-11
      • typeCVE
      • seq2015-5369
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id16607
      • nameJVNDB-2014-005482
      • title複数の Puppet 製品における権限を取得される脆弱性
      • summary複数の Puppet 製品には、Ruby で稼働する場合、検索パスに関する処理に不備があるため、権限を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2014-3248
      • cveinfo_id70535
      • nvdinfo_nameCVE-2014-3248
      • nvdinfo_id31460
      • cvssv26.2
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-005482.html
      • published_date2014-06-10
      • registered_date2014-11-18
      • last_updated_date2014-12-25
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id70535
      • nameCVE-2014-3240
      • statusCandidate
      • description** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
      • phaseAssigned (20140506)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id31460
      • nameCVE-2014-3248
      • descriptionUntrusted search path vulnerability in Puppet Enterprise 2.8 before 2.8.7, Puppet before 2.7.26 and 3.x before 3.6.2, Facter 1.6.x and 2.x before 2.0.2, Hiera before 1.3.4, and Mcollective before 2.5.2, when running with Ruby 1.9.1 or earlier, allows local users to gain privileges via a Trojan horse file in the current working directory, as demonstrated using (1) rubygems/defaults/operating_system.rb, (2) Win32API.rb, (3) Win32API.so, (4) safe_yaml.rb, (5) safe_yaml/deep.rb, or (6) safe_yaml/deep.so; or (7) operatingsystem.rb, (8) operatingsystem.so, (9) osfamily.rb, or (10) osfamily.so in puppet/confine.
      • reject(null)
      • CVSS_version2
      • CVSS_score6.2
      • severityMedium
      • CVSS_base_score6.2
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore1.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:H/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2014-11-16
      • modified_date2014-11-17
      • typeCVE
      • seq2014-3248
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id15074
      • nameJVNDB-2014-003949
      • title複数の QNAP 製品のファームウェアにおけるユーザ名およびハッシュ化されたパスワードを取得される脆弱性
      • summaryQNAP TS-469U、TS-459U、TS-EC1679U-RP、および SS-839 のファームウェアは、/etc/config/shadow に誰でも読み取り可能な権限 (world-readable permission) を使用するため、ユーザ名およびハッシュ化されたパスワードを取得される脆弱性が存在します。
      • cveinfo_nameCVE-2014-5457
      • cveinfo_id72747
      • nvdinfo_nameCVE-2014-5457
      • nvdinfo_id33125
      • cvssv22.1
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003949.html
      • published_date2014-07-11
      • registered_date2014-08-27
      • last_updated_date2014-08-27
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id72747
      • nameCVE-2014-5449
      • statusCandidate
      • descriptionZarafa WebAccess 4.1 and WebApp uses world-readable permissions for the files in their tmp directory, which allows local users to obtain sensitive information by reading temporary session data.
      • phaseAssigned (20140825)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id33125
      • nameCVE-2014-5457
      • descriptionQNAP TS-469U with firmware 4.0.7 Build 20140410, TS-459U, TS-EC1679U-RP, and SS-839 use world-readable permissions for /etc/config/shadow, which allows local users to obtain usernames and hashed passwords by reading the password.
      • reject(null)
      • CVSS_version2
      • CVSS_score2.1
      • severityLow
      • CVSS_base_score2.1
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore3.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:L/Au:N/C:P/I:N/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2014-08-25
      • modified_date2014-08-26
      • typeCVE
      • seq2014-5457
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id67581
      • nameJVNDB-2017-003878
      • title複数の Quick Heal 製品におけるセキュリティ機能に関する脆弱性
      • summaryQuick Heal Internet Security、Quick Heal Total Security、および Quick Heal AntiVirus Pro には、セキュリティ機能に関する脆弱性が存在します。
      • cveinfo_nameCVE-2017-8776
      • cveinfo_id0
      • nvdinfo_nameCVE-2017-8776
      • nvdinfo_id85589
      • cvssv25
      • cvssv37.5
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-003878.html
      • published_date2017-05-04
      • registered_date2017-06-09
      • last_updated_date2017-06-09
      • deleted0000-00-00 00:00:00
      • created0000-00-00 00:00:00
      • modified2017-06-13 00:00:14
    • Cveinfo(array)
      • id(null)
      • name(null)
      • status(null)
      • description(null)
      • phase(null)
      • votes(null)
      • comments(null)
      • deleted(null)
      • created(null)
      • modified(null)
    • Nvdinfo(array)
      • id85589
      • nameCVE-2017-8776
      • descriptionQuick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 have approximately 165 PE files in the default installation that do not use ASLR/DEP protection mechanisms that provide sufficient defense against directed attacks against the product.
      • reject
      • CVSS_version2
      • CVSS_score5
      • severityMedium
      • CVSS_base_score5
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore10
      • nvd_xml_version
      • CVSS_vector(AV:N/AC:L/Au:N/C:N/I:P/A:N)
      • sourcecve
      • pub_date2017-05-27
      • published2017-05-04
      • modified_date2017-05-15
      • typeCVE
      • seq2017-8776
      • deleted0000-00-00 00:00:00
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
  • 4(array)
    • Jvninfo(array)
      • id67578
      • nameJVNDB-2017-003875
      • title複数の Quick Heal 製品におけるバッファエラーの脆弱性
      • summaryQuick Heal Internet Security、Quick Heal Total Security、および Quick Heal AntiVirus Pro には、バッファエラーの脆弱性、および境界外書き込みに関する脆弱性が存在します。
      • cveinfo_nameCVE-2017-8773
      • cveinfo_id0
      • nvdinfo_nameCVE-2017-8773
      • nvdinfo_id85586
      • cvssv27.5
      • cvssv39.8
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-003875.html
      • published_date2017-05-04
      • registered_date2017-06-09
      • last_updated_date2017-06-09
      • deleted0000-00-00 00:00:00
      • created0000-00-00 00:00:00
      • modified2017-06-13 00:00:07
    • Cveinfo(array)
      • id(null)
      • name(null)
      • status(null)
      • description(null)
      • phase(null)
      • votes(null)
      • comments(null)
      • deleted(null)
      • created(null)
      • modified(null)
    • Nvdinfo(array)
      • id85586
      • nameCVE-2017-8773
      • descriptionQuick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316, and Quick Heal AntiVirus Pro 10.1.0.316 are vulnerable to Out of Bounds Write on a Heap Buffer due to improper validation of dwCompressionSize of Microsoft WIM Header WIMHEADER_V1_PACKED. This vulnerability can be exploited to gain Remote Code Execution as well as Privilege Escalation.
      • reject
      • CVSS_version2
      • CVSS_score7.5
      • severityHigh
      • CVSS_base_score7.5
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore10
      • nvd_xml_version
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-05-27
      • published2017-05-04
      • modified_date2017-05-15
      • typeCVE
      • seq2017-8773
      • deleted0000-00-00 00:00:00
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:13662/sort:title/direction:asc/Jvninfos:cveinfos
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:13662/sort:title/direction:asc/Jvninfos:cveinfos
Remote Port	3768
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	18.216.95.250
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	18.216.95.250
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	18.216.95.250
Unique Id	aBGP9RCelfP3zUtuvZkfeQAAAE4
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	18.216.95.250
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	18.216.95.250
Redirect Unique Id	aBGP9RCelfP3zUtuvZkfeQAAAE4
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	18.216.95.250
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	18.216.95.250
Redirect Redirect Unique Id	aBGP9RCelfP3zUtuvZkfeQAAAE4
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1745981429.0858
Request Time	1745981429

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php