Request History

4 previous requests available

• Restore to current request
• cvereves/view/705
• nvdinfos/view/71070
• cvereves/view/28335
• jvninfos/index/page:83/sort:title/direction:asc

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page13689
  • sorttitle
  • directiondesc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page13689
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.titledesc
    • limit5
    • options(array)
      • page13689
      • order(array)
        • Jvninfo.titledesc
      • sorttitle
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id37878
      • nameJVNDB-2010-003663
      • titleAccellion Secure File Transfer Appliance の管理用の Web インターフェースにおける任意のシェルコマンドを挿入される脆弱性
      • summaryAccellion Secure File Transfer Appliance の管理用の Web インターフェースは、静的コードを挿入されるため、任意のシェルコマンドを挿入される脆弱性が存在します。
      • cveinfo_nameCVE-2009-4646
      • cveinfo_id42077
      • nvdinfo_nameCVE-2009-4646
      • nvdinfo_id51763
      • cvssv29
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003663.html
      • published_date2010-02-19
      • registered_date2012-06-26
      • last_updated_date2012-06-26
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id42077
      • nameCVE-2009-4642
      • statusCandidate
      • descriptiongnome-screensaver 2.26.1 relies on the gnome-session D-Bus interface to determine session idle time, even when an Xfce desktop such as Xubuntu or Mythbuntu is used, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.
      • phaseAssigned (20100211)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id51763
      • nameCVE-2009-4646
      • descriptionStatic code injection vulnerability in the administrative web interface in Accellion Secure File Transfer Appliance allows remote authenticated administrators to inject arbitrary shell commands by appending them to a request to update the SNMP public community string.
      • reject(null)
      • CVSS_version2
      • CVSS_score9
      • severityHigh
      • CVSS_base_score9
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:S/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-07
      • published2010-02-19
      • modified_date2010-02-22
      • typeCVE
      • seq2009-4646
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id37877
      • nameJVNDB-2010-003662
      • titleAccellion Secure File Transfer Appliance の web_client_user_guide.html におけるディレクトリトラバーサルの脆弱性
      • summaryAccellion Secure File Transfer Appliance の web_client_user_guide.html には、ディレクトリトラバーサルの脆弱性が存在します。
      • cveinfo_nameCVE-2009-4645
      • cveinfo_id42076
      • nvdinfo_nameCVE-2009-4645
      • nvdinfo_id51762
      • cvssv27.8
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003662.html
      • published_date2010-02-19
      • registered_date2012-06-26
      • last_updated_date2012-06-26
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id42076
      • nameCVE-2009-4641
      • statusCandidate
      • descriptiongnome-screensaver 2.28.0 does not resume adherence to its activation settings after an inhibiting application becomes unavailable on the session bus, which allows physically proximate attackers to access an unattended workstation on which screen locking had been intended.
      • phaseAssigned (20100211)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id51762
      • nameCVE-2009-4645
      • descriptionDirectory traversal vulnerability in web_client_user_guide.html in Accellion Secure File Transfer Appliance before 8_0_105 allows remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.8
      • severityHigh
      • CVSS_base_score7.8
      • CVSS_impact_subscore6.9
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:C/I:N/A:N)
      • sourcecve
      • pub_date2017-01-07
      • published2010-02-19
      • modified_date2010-02-22
      • typeCVE
      • seq2009-4645
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id37880
      • nameJVNDB-2010-003665
      • titleAccellion Secure File Transfer Appliance における権限を取得される脆弱性
      • summaryAccellion Secure File Transfer Appliance は、必要以上の sudo 権限で実行される重要なコマンドおよび引数へのアクセスを適切に制限しないため、権限を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2009-4648
      • cveinfo_id42079
      • nvdinfo_nameCVE-2009-4648
      • nvdinfo_id51765
      • cvssv27.2
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003665.html
      • published_date2010-02-19
      • registered_date2012-06-26
      • last_updated_date2012-06-26
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id42079
      • nameCVE-2009-4644
      • statusCandidate
      • descriptionAccellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program.
      • phaseAssigned (20100219)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id51765
      • nameCVE-2009-4648
      • descriptionAccellion Secure File Transfer Appliance before 8_0_105 does not properly restrict access to sensitive commands and arguments that run with extra sudo privileges, which allows local administrators to gain privileges via (1) arbitrary arguments in the --file_move action in /usr/local/bin/admin.pl, or a hard link attack in (2) chmod or (3) a certain cp command.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.2
      • severityHigh
      • CVSS_base_score7.2
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore3.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:L/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-07
      • published2010-02-19
      • modified_date2010-03-04
      • typeCVE
      • seq2009-4648
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id37876
      • nameJVNDB-2010-003661
      • titleAccellion Secure File Transfer Appliance における任意コマンドを実行される脆弱性
      • summaryAccellion Secure File Transfer Appliance には、制限されているシェルを回避される、および任意コマンドを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2009-4644
      • cveinfo_id42075
      • nvdinfo_nameCVE-2009-4644
      • nvdinfo_id51761
      • cvssv29
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003661.html
      • published_date2010-02-19
      • registered_date2012-06-26
      • last_updated_date2012-06-26
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id42075
      • nameCVE-2009-4640
      • statusCandidate
      • descriptionArray index error in vorbis_dec.c in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted Vorbis file that triggers an out-of-bounds read.
      • phaseAssigned (20100209)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id51761
      • nameCVE-2009-4644
      • descriptionAccellion Secure File Transfer Appliance before 8_0_105 allows remote authenticated administrators to bypass the restricted shell and execute arbitrary commands via shell metacharacters to the ping command, as demonstrated by modifying the cli program.
      • reject(null)
      • CVSS_version2
      • CVSS_score9
      • severityHigh
      • CVSS_base_score9
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:S/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-07
      • published2010-02-19
      • modified_date2010-03-05
      • typeCVE
      • seq2009-4644
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id37879
      • nameJVNDB-2010-003664
      • titleAccellion Secure File Transfer Appliance におけるクロスサイトスクリプティングの脆弱性
      • summaryAccellion Secure File Transfer Appliance は、管理者が監査ログを見る際、適切に処理しないため、クロスサイトスクリプティングの脆弱性が存在します。
      • cveinfo_nameCVE-2009-4647
      • cveinfo_id42078
      • nvdinfo_nameCVE-2009-4647
      • nvdinfo_id51764
      • cvssv24.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003664.html
      • published_date2010-02-19
      • registered_date2012-06-26
      • last_updated_date2012-06-26
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id42078
      • nameCVE-2009-4643
      • statusCandidate
      • descriptionStack-based buffer overflow in dsInstallerService.dll in the Juniper Installer Service, as used in Juniper Odyssey Access Client 4.72.11421.0 and other products, allows remote attackers to execute arbitrary code via a long string in a malformed DSSETUPSERVICE_CMD_UNINSTALL command to the NeoterisSetupService named pipe.
      • phaseAssigned (20100215)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id51764
      • nameCVE-2009-4647
      • descriptionCross-site scripting (XSS) vulnerability in Accellion Secure File Transfer Appliance before 7_0_296 allows remote attackers to inject arbitrary web script or HTML via the username parameter, which is not properly handled when the administrator views audit logs.
      • reject(null)
      • CVSS_version2
      • CVSS_score4.3
      • severityMedium
      • CVSS_base_score4.3
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:N/I:P/A:N)
      • sourcecve
      • pub_date2017-01-07
      • published2010-02-19
      • modified_date2010-03-04
      • typeCVE
      • seq2009-4647
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:13689/sort:title/direction:desc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:13689/sort:title/direction:desc
Remote Port	32183
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.16.164.14
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.16.164.14
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.16.164.14
Unique Id	aBMNgl8dfWgoMY5AdyBspwAAAOE
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	3.16.164.14
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.16.164.14
Redirect Unique Id	aBMNgl8dfWgoMY5AdyBspwAAAOE
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	3.16.164.14
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.16.164.14
Redirect Redirect Unique Id	aBMNgl8dfWgoMY5AdyBspwAAAOE
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1746079106.1668
Request Time	1746079106

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php