Request History

4 previous requests available

• Restore to current request
• nvdreves/view/411913
• nvdreves/view/86654
• nvdreves/view/2274
• nvdreves/view/40811

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page13701
  • sortcvssv2
  • directiondesc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page13701
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.cvssv2desc
    • limit5
    • options(array)
      • page13701
      • order(array)
        • Jvninfo.cvssv2desc
      • sortcvssv2
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id27569
      • nameJVNDB-2012-003276
      • titleAccountsService の /usr/libexec/accounts-daemon における任意のファイルを読まれる脆弱性
      • summaryAccountsService の /usr/libexec/accounts-daemon 内の user_change_icon_file_authorized_cb 関数は、アイコンファイルをシステムキャッシュディレクトリへコピーする際に、UID を適切に確認しないため、任意のファイルを読まれる脆弱性が存在します。
      • cveinfo_nameCVE-2012-2737
      • cveinfo_id55975
      • nvdinfo_nameCVE-2012-2737
      • nvdinfo_id44451
      • cvssv21.9
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003276.html
      • published_date2012-06-19
      • registered_date2012-07-24
      • last_updated_date2012-11-13
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id55975
      • nameCVE-2012-2732
      • statusCandidate
      • description** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-2021. Reason: This candidate is a duplicate of CVE-2010-2021. Notes: All CVE users should reference CVE-2010-2021 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
      • phaseAssigned (20120514)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id44451
      • nameCVE-2012-2737
      • descriptionThe user_change_icon_file_authorized_cb function in /usr/libexec/accounts-daemon in AccountsService before 0.6.22 does not properly check the UID when copying an icon file to the system cache directory, which allows local users to read arbitrary files via a race condition.
      • reject(null)
      • CVSS_version2
      • CVSS_score1.9
      • severityLow
      • CVSS_base_score1.9
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore3.4
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:M/Au:N/C:P/I:N/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2012-07-22
      • modified_date2012-10-30
      • typeCVE
      • seq2012-2737
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id34993
      • nameJVNDB-2011-005235
      • titleRed Hat Enterprise Linux のカーネルパッケージの perf サブシステムにおけるサービス運用妨害 (DoS) の脆弱性
      • summaryRed Hat Enterprise Linux のカーネルパッケージの perf サブシステムは、NMI を適切に処理しないため、サービス運用妨害 (過剰なログメッセージ) 状態にされる脆弱性が存在します。
      • cveinfo_nameCVE-2011-2693
      • cveinfo_id50600
      • nvdinfo_nameCVE-2011-2693
      • nvdinfo_id9430
      • cvssv21.9
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-005235.html
      • published_date2011-03-17
      • registered_date2013-06-11
      • last_updated_date2013-06-11
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id50600
      • nameCVE-2011-2688
      • statusCandidate
      • descriptionSQL injection vulnerability in mysql/mysql-auth.pl in the mod_authnz_external module 3.2.5 and earlier for the Apache HTTP Server allows remote attackers to execute arbitrary SQL commands via the user field.
      • phaseAssigned (20110711)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id9430
      • nameCVE-2011-2693
      • descriptionThe perf subsystem in the kernel package 2.6.32-122.el6.x86_64 in Red Hat Enterprise Linux (RHEL) 6 does not properly handle NMIs, which might allow local users to cause a denial of service (excessive log messages) via unspecified vectors.
      • reject(null)
      • CVSS_version2
      • CVSS_score1.9
      • severityLow
      • CVSS_base_score1.9
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore3.4
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:M/Au:N/C:N/I:N/A:P)
      • sourcecve
      • pub_date2017-01-07
      • published2013-06-08
      • modified_date2013-06-10
      • typeCVE
      • seq2011-2693
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id47025
      • nameJVNDB-2008-002335
      • titleCitrix Presentation Server および Desktop Server のインストールプロセスにおけるデータベースの認証情報が取得される脆弱性
      • summaryCitrix Presentation Server および Desktop Server のインストールプロセスには、MSI のログが有効な場合、データベースの認証情報が MSI ログファイルに記録されるため、認証情報を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2008-5107
      • cveinfo_id35220
      • nvdinfo_nameCVE-2008-5107
      • nvdinfo_id4891
      • cvssv21.9
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002335.html
      • published_date2008-11-17
      • registered_date2009-07-08
      • last_updated_date2009-07-08
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id35220
      • nameCVE-2008-5103
      • statusCandidate
      • descriptionThe (1) python-vm-builder and (2) ubuntu-vm-builder implementations in VMBuilder 0.9 in Ubuntu 8.10 omit the -e option when invoking chpasswd with a root:! argument, which configures the root account with a cleartext password of ! (exclamation point) and allows attackers to bypass intended login restrictions.
      • phaseAssigned (20081117)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id4891
      • nameCVE-2008-5107
      • descriptionThe installation process for Citrix Presentation Server 4.5 and Desktop Server 1.0, when MSI logging is enabled, stores database credentials in MSI log files, which allows local users to obtain these credentials by reading the log files.
      • reject(null)
      • CVSS_version2
      • CVSS_score1.9
      • severityLow
      • CVSS_base_score1.9
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore3.4
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:M/Au:N/C:P/I:N/A:N)
      • sourcecve
      • pub_date2017-01-03
      • published2008-11-17
      • modified_date2011-03-07
      • typeCVE
      • seq2008-5107
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id20402
      • nameJVNDB-2013-001977
      • titleDebian GNU/Linux 上の lighthttpd における PHP 制御ソケットを乗っ取られる脆弱性
      • summaryDebian GNU/Linux 上で稼働する lighthttpd の FastCGI PHP サポート用の設定ファイルは、/tmp 内に予測可能な名前を持つソケットファイルを生成するため、PHP 制御ソケットを乗っ取られ、PHP の別のバージョンの使用を強制するなど不正なアクションを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2013-1427
      • cveinfo_id61369
      • nvdinfo_nameCVE-2013-1427
      • nvdinfo_id37633
      • cvssv21.9
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-001977.html
      • published_date2013-03-15
      • registered_date2013-03-25
      • last_updated_date2014-04-07
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id61369
      • nameCVE-2013-1422
      • statusCandidate
      • description** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
      • phaseAssigned (20130126)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id37633
      • nameCVE-2013-1427
      • descriptionThe configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a predictable name in /tmp, which allows local users to hijack the PHP control socket and perform unauthorized actions such as forcing the use of a different version of PHP via a symlink attack or a race condition.
      • reject(null)
      • CVSS_version2
      • CVSS_score1.9
      • severityLow
      • CVSS_base_score1.9
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore3.4
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:M/Au:N/C:N/I:P/A:N)
      • sourcecve
      • pub_date2017-01-18
      • published2013-03-21
      • modified_date2016-06-01
      • typeCVE
      • seq2013-1427
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id68019
      • nameJVNDB-2017-004301
      • title複数の Microsoft Windows 製品のカーネルにおける情報を取得される脆弱性
      • summary複数の Microsoft Windows 製品のカーネルには、情報を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2017-8476
      • cveinfo_id0
      • nvdinfo_nameCVE-2017-8476
      • nvdinfo_id87024
      • cvssv21.9
      • cvssv35
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-004301.html
      • published_date2017-06-13
      • registered_date2017-06-22
      • last_updated_date2017-06-22
      • deleted0000-00-00 00:00:00
      • created0000-00-00 00:00:00
      • modified2017-06-29 09:07:58
    • Cveinfo(array)
      • id(null)
      • name(null)
      • status(null)
      • description(null)
      • phase(null)
      • votes(null)
      • comments(null)
      • deleted(null)
      • created(null)
      • modified(null)
    • Nvdinfo(array)
      • id87024
      • nameCVE-2017-8476
      • descriptionThe kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, 1703, and Windows Server 2016 allows an authenticated attacker to obtain information via a specially crafted application. aka Windows Kernel Information Disclosure Vulnerability, a different vulnerability than CVE-2017-8491, CVE-2017-8490, CVE-2017-8489, CVE-2017-8488, CVE-2017-8485, CVE-2017-8483, CVE-2017-8482, CVE-2017-8481, CVE-2017-8480, CVE-2017-8478, CVE-2017-8479, CVE-2017-8474, CVE-2017-8469, CVE-2017-8462, CVE-2017-0300, CVE-2017-0299, and CVE-2017-0297.
      • reject
      • CVSS_version2
      • CVSS_score1.9
      • severityLow
      • CVSS_base_score1.9
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore3.4
      • nvd_xml_version
      • CVSS_vector(AV:L/AC:M/Au:N/C:P/I:N/A:N)
      • sourcecve
      • pub_date2017-06-23
      • published2017-06-14
      • modified_date2017-06-20
      • typeCVE
      • seq2017-8476
      • deleted0000-00-00 00:00:00
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:13701/sort:cvssv2/direction:desc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:13701/sort:cvssv2/direction:desc
Remote Port	7914
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	13.59.22.153
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	13.59.22.153
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	13.59.22.153
Unique Id	aBJlqzX8IwrTKbPAslbM3QAAAnY
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	13.59.22.153
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	13.59.22.153
Redirect Unique Id	aBJlqzX8IwrTKbPAslbM3QAAAnY
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	13.59.22.153
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	13.59.22.153
Redirect Redirect Unique Id	aBJlqzX8IwrTKbPAslbM3QAAAnY
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1746036139.6316
Request Time	1746036139

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php