Request History

4 previous requests available

• Restore to current request
• jvninfos/view/8679
• jvninfos/view/40718
• jvninfos/view/66400
• jvninfos/view/19156

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page13675
  • sorttitle
  • directionasc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page13675
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.titleasc
    • limit5
    • options(array)
      • page13675
      • order(array)
        • Jvninfo.titleasc
      • sorttitle
      • directionasc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id3322
      • nameJVNDB-2016-004095
      • title複数の Siemens SIMATIC 製品における任意のコードを実行される脆弱性
      • summarySiemens SIMATIC WinCC、SIMATIC WinCC Runtime Professional、および SIMATIC WinCC PCS 7 で配布される BATCH、OpenPCS 7 には、任意のコードを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2016-5743
      • cveinfo_id92249
      • nvdinfo_nameCVE-2016-5743
      • nvdinfo_id20932
      • cvssv210
      • cvssv39.8
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004095.html
      • published_date2016-07-22
      • registered_date2016-08-01
      • last_updated_date2016-08-01
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id92249
      • nameCVE-2016-5430
      • statusCandidate
      • descriptionThe RSA 1.5 algorithm implementation in the JOSE_JWE class in JWE.php in jose-php before 2.2.1 lacks the Random Filling protection mechanism, which makes it easier for remote attackers to obtain cleartext data via a Million Message Attack (MMA).
      • phaseAssigned (20160610)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id20932
      • nameCVE-2016-5743
      • descriptionSiemens SIMATIC WinCC before 7.3 Update 10 and 7.4 before Update 1, SIMATIC BATCH before 8.1 SP1 Update 9 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.1 Update 3 as distributed in SIMATIC PCS 7 through 8.1 SP1, SIMATIC OpenPCS 7 before 8.2 Update 1 as distributed in SIMATIC PCS 7 8.2, and SIMATIC WinCC Runtime Professional before 13 SP1 Update 9 allow remote attackers to execute arbitrary code via crafted packets.
      • reject(null)
      • CVSS_version2
      • CVSS_score10
      • severityHigh
      • CVSS_base_score10
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2016-07-22
      • modified_date2016-11-28
      • typeCVE
      • seq2016-5743
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id5149
      • nameJVNDB-2016-005922
      • title複数の Siemens SIMATIC 製品の統合 Web サーバにおける Cookie をキャプチャされる脆弱性
      • summary複数の Siemens SIMATIC 製品の統合 Web サーバは、https セッションの不特定の Cookie に対して secure フラグを設定しないため、当該の Cookie をキャプチャされる脆弱性が存在します。
      • cveinfo_nameCVE-2016-8672
      • cveinfo_id95179
      • nvdinfo_nameCVE-2016-8672
      • nvdinfo_id22162
      • cvssv25
      • cvssv35.3
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-005922.html
      • published_date2016-11-21
      • registered_date2016-11-24
      • last_updated_date2016-11-24
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id95179
      • nameCVE-2016-8359
      • statusCandidate
      • descriptionAn issue was discovered in Moxa ioLogik E1210, firmware Version V2.4 and prior, ioLogik E1211, firmware Version V2.3 and prior, ioLogik E1212, firmware Version V2.4 and prior, ioLogik E1213, firmware Version V2.5 and prior, ioLogik E1214, firmware Version V2.4 and prior, ioLogik E1240, firmware Version V2.3 and prior, ioLogik E1241, firmware Version V2.4 and prior, ioLogik E1242, firmware Version V2.4 and prior, ioLogik E1260, firmware Version V2.4 and prior, ioLogik E1262, firmware Version V2.4 and prior, ioLogik E2210, firmware versions prior to V3.13, ioLogik E2212, firmware versions prior to V3.14, ioLogik E2214, firmware versions prior to V3.12, ioLogik E2240, firmware versions prior to V3.12, ioLogik E2242, firmware versions prior to V3.12, ioLogik E2260, firmware versions prior to V3.13, and ioLogik E2262, firmware versions prior to V3.12. The web application fails to sanitize user input, which may allow an attacker to inject script or execute arbitrary code (CROSS-SITE SCRIPTING).
      • phaseAssigned (20160928)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id22162
      • nameCVE-2016-8672
      • descriptionThe integrated web server on Siemens SIMATIC CP 343-1 Advanced prior to version 3.0.53, SIMATIC CP 443-1 Advanced prior to version 3.2.17, SIMATIC S7-300 CPU, and SIMATIC S7-400 CPU devices does not set the secure flag for unspecified cookies in an https session, which makes it easier for remote attackers to capture these cookies by intercepting their transmission within an http session.
      • reject(null)
      • CVSS_version2
      • CVSS_score5
      • severityMedium
      • CVSS_base_score5
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:N/A:N)
      • sourcecve
      • pub_date2017-03-18
      • published2016-11-23
      • modified_date2017-03-16
      • typeCVE
      • seq2016-8672
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id5150
      • nameJVNDB-2016-005923
      • title複数の Siemens SIMATIC 製品の統合 Web サーバにおけるクロスサイトリクエストフォージェリの脆弱性
      • summary複数の Siemens SIMATIC 製品の統合 Web サーバには、クロスサイトリクエストフォージェリの脆弱性が存在します。
      • cveinfo_nameCVE-2016-8673
      • cveinfo_id95180
      • nvdinfo_nameCVE-2016-8673
      • nvdinfo_id22163
      • cvssv26.8
      • cvssv38.8
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-005923.html
      • published_date2016-11-21
      • registered_date2016-11-24
      • last_updated_date2016-11-24
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id95180
      • nameCVE-2016-8360
      • statusCandidate
      • descriptionAn issue was discovered in Moxa SoftCMS versions prior to Version 1.6. A specially crafted URL request sent to the SoftCMS ASP Webserver can cause a double free condition on the server allowing an attacker to modify memory locations and possibly cause a denial of service or the execution of arbitrary code.
      • phaseAssigned (20160928)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id22163
      • nameCVE-2016-8673
      • descriptionCross-site request forgery (CSRF) vulnerability in the integrated web server on Siemens SIMATIC CP 343-1 Advanced prior to version 3.0.53, SIMATIC CP 443-1 Advanced prior to version 3.2.17, SIMATIC S7-300 CPU, and SIMATIC S7-400 CPU devices allows remote attackers to hijack the authentication of arbitrary users.
      • reject(null)
      • CVSS_version2
      • CVSS_score6.8
      • severityMedium
      • CVSS_base_score6.8
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-03-18
      • published2016-11-23
      • modified_date2017-03-16
      • typeCVE
      • seq2016-8673
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id5151
      • nameJVNDB-2016-005924
      • title複数の SIEMENS ブランドの IP カメラ製品における管理者資格情報を取得される脆弱性
      • summary複数の SIEMENS ブランドの IP カメラ製品には、特定の状況下で管理者資格情報を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2016-9155
      • cveinfo_id95662
      • nvdinfo_nameCVE-2016-9155
      • nvdinfo_id22293
      • cvssv25
      • cvssv39.8
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-005924.html
      • published_date2016-11-16
      • registered_date2016-11-24
      • last_updated_date2016-11-24
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id95662
      • nameCVE-2016-8842
      • statusCandidate
      • description** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2016. Notes: none.
      • phaseAssigned (20161018)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id22293
      • nameCVE-2016-9155
      • descriptionThe following SIEMENS branded IP Camera Models CCMW3025, CVMW3025-IR, CFMW3025 prior to version 1.41_SP18_S1; CCPW3025, CCPW5025 prior to version 0.1.73_S1; CCMD3025-DN18 prior to version v1.394_S1; CCID1445-DN18, CCID1445-DN28, CCID1145-DN36, CFIS1425, CCIS1425, CFMS2025, CCMS2025, CVMS2025-IR, CFMW1025, CCMW1025 prior to version v2635_SP1 could allow an attacker with network access to the web server to obtain administrative credentials under certain circumstances.
      • reject(null)
      • CVSS_version2
      • CVSS_score5
      • severityMedium
      • CVSS_base_score5
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:N/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2016-11-22
      • modified_date2016-12-22
      • typeCVE
      • seq2016-9155
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id30082
      • nameJVNDB-2012-005789
      • title複数の Siemens 製品におけるサーバを偽装される脆弱性
      • summary複数の Siemens 製品は、ハードコードされた秘密鍵を使用するため、サーバを偽装される、およびネットワークトラフィックを解読される脆弱性が存在します。
      • cveinfo_nameCVE-2012-4698
      • cveinfo_id57936
      • nvdinfo_nameCVE-2012-4698
      • nvdinfo_id46034
      • cvssv24.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-005789.html
      • published_date2012-12-12
      • registered_date2012-12-25
      • last_updated_date2012-12-25
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id57936
      • nameCVE-2012-4693
      • statusCandidate
      • descriptionInvensys Wonderware InTouch 2012 R2 and earlier and Siemens ProcessSuite use a weak encryption algorithm for data in Ps_security.ini, which makes it easier for local users to discover passwords by reading this file.
      • phaseAssigned (20120828)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id46034
      • nameCVE-2012-4698
      • descriptionSiemens RuggedCom Rugged Operating System (ROS) before 3.12, ROX I OS through 1.14.5, ROX II OS through 2.3.0, and RuggedMax OS through 4.2.1.4621.22 use hardcoded private keys for SSL and SSH communication, which makes it easier for man-in-the-middle attackers to spoof servers and decrypt network traffic by leveraging the availability of these keys within ROS files at all customer installations.
      • reject(null)
      • CVSS_version2
      • CVSS_score4.3
      • severityMedium
      • CVSS_base_score4.3
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:P/I:N/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2012-12-23
      • modified_date2013-05-20
      • typeCVE
      • seq2012-4698
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:13675/sort:title/direction:asc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:13675/sort:title/direction:asc
Remote Port	7661
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.137.159.67
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.137.159.67
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.137.159.67
Unique Id	aBPy5xfj2LbAdsNgpHvR1wAAAi4
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	3.137.159.67
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.137.159.67
Redirect Unique Id	aBPy5xfj2LbAdsNgpHvR1wAAAi4
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	3.137.159.67
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.137.159.67
Redirect Redirect Unique Id	aBPy5xfj2LbAdsNgpHvR1wAAAi4
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1746137831.4477
Request Time	1746137831

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php