Request History

4 previous requests available

• Restore to current request
• nvdreves/view/288227
• nvdreves/view/323586
• nvdinfos/view/77779
• nvdreves/view/385201

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page1636
  • sortcveinfo_id
  • directionasc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page1636
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.cveinfo_idasc
    • limit5
    • options(array)
      • page1636
      • order(array)
        • Jvninfo.cveinfo_idasc
      • sortcveinfo_id
      • directionasc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id58662
      • nameJVNDB-2006-000858
      • titleRuby において、alias 機能の問題でセーフレベル 4 がサンドボックスとして機能しない脆弱性
      • summaryRuby 言語には、信頼できないオブジェクトの操作を制限するセキュリティモデルのひとつとして「セーフレベル」が存在しています。Ruby の alias 機能に問題があるため、この「セーフレベル」の設定を回避されてしまい、本来実行できないはずのメソッドが実行される脆弱性が確認されています。
      • cveinfo_nameCVE-2006-3694
      • cveinfo_id19796
      • nvdinfo_nameCVE-2006-3694
      • nvdinfo_id62362
      • cvssv21.2
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000858.html
      • published_date2006-07-12
      • registered_date2007-04-01
      • last_updated_date2007-04-01
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id19796
      • nameCVE-2006-3692
      • statusCandidate
      • description** DISPUTED ** PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the lm_path parameter. NOTE: the vendor has disputed this issue to SecurityTracker, stating that the $lm_path variable is set to a constant value. As of 20060726, CVE concurs with the vendor based on SecurityTracker"s post-disclosure analysis.
      • phaseAssigned (20060718)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id62362
      • nameCVE-2006-3694
      • descriptionMultiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations".
      • reject(null)
      • CVSS_version2
      • CVSS_score6.4
      • severityMedium
      • CVSS_base_score6.4
      • CVSS_impact_subscore4.9
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:P/A:N)
      • sourcecve
      • pub_date2016-12-20
      • published2006-07-21
      • modified_date2011-03-07
      • typeCVE
      • seq2006-3694
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id58196
      • nameJVNDB-2006-000392
      • titleRuby において、特定メソッドの問題でセーフレベル 4 がサンドボックスとして機能しない脆弱性
      • summaryRuby 言語には、信頼できないオブジェクトの操作を制限するセキュリティモデルのひとつとして「セーフレベル」が存在しています。この「セーフレベル」の設定を回避して、本来呼び出すことのできないメソッドを実行される脆弱性が確認されています。
      • cveinfo_nameCVE-2006-3694
      • cveinfo_id19796
      • nvdinfo_nameCVE-2006-3694
      • nvdinfo_id62362
      • cvssv21.2
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-000392.html
      • published_date2006-07-12
      • registered_date2007-04-01
      • last_updated_date2007-04-01
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id19796
      • nameCVE-2006-3692
      • statusCandidate
      • description** DISPUTED ** PHP remote file inclusion vulnerability in enduser/listmessenger.php in ListMessenger 0.9.3 allows remote attackers to execute arbitrary PHP code via a URL in the lm_path parameter. NOTE: the vendor has disputed this issue to SecurityTracker, stating that the $lm_path variable is set to a constant value. As of 20060726, CVE concurs with the vendor based on SecurityTracker"s post-disclosure analysis.
      • phaseAssigned (20060718)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id62362
      • nameCVE-2006-3694
      • descriptionMultiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations".
      • reject(null)
      • CVSS_version2
      • CVSS_score6.4
      • severityMedium
      • CVSS_base_score6.4
      • CVSS_impact_subscore4.9
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:P/A:N)
      • sourcecve
      • pub_date2016-12-20
      • published2006-07-21
      • modified_date2011-03-07
      • typeCVE
      • seq2006-3694
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id60551
      • nameJVNDB-2006-002817
      • titleTrac における任意のファイルを読まれるなどの脆弱性
      • summaryTrac は、信頼されないユーザに docutils から再編されたテキスト (reStructuredText) 機能を提供する際、"raw" または "include" コマンドを無効にしないため、任意のファイルを読まれる、クロスサイトスクリプト攻撃を実行される、またはサービス運用妨害 (DoS) 状態となる脆弱性が存在します。
      • cveinfo_nameCVE-2006-3695
      • cveinfo_id19797
      • nvdinfo_nameCVE-2006-3695
      • nvdinfo_id62363
      • cvssv26.8
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-002817.html
      • published_date2006-07-21
      • registered_date2012-12-20
      • last_updated_date2012-12-20
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id19797
      • nameCVE-2006-3693
      • statusCandidate
      • descriptionRocks Clusters 4.1 and earlier allows local users to gain privileges via commands enclosed with escaped backticks (`) in an argument to the (1) mount-loop (mount-loop.c) or (2) umount-loop (umount-loop.c) command, which is not filtered in a system function call.
      • phaseAssigned (20060718)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id62363
      • nameCVE-2006-3695
      • descriptionTrac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via unspecified vectors. NOTE: this might be related to CVE-2006-3458.
      • reject(null)
      • CVSS_version2
      • CVSS_score6.8
      • severityMedium
      • CVSS_base_score6.8
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2016-12-20
      • published2006-07-21
      • modified_date2011-03-16
      • typeCVE
      • seq2006-3695
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id60552
      • nameJVNDB-2006-002818
      • titleOutpost Firewall の filtnt.sys におけるサービス運用妨害 (DoS) の脆弱性
      • summaryOutpost Firewall の filtnt.sys には、サービス運用妨害 (クラッシュ) 状態となる脆弱性が存在します。
      • cveinfo_nameCVE-2006-3696
      • cveinfo_id19798
      • nvdinfo_nameCVE-2006-3696
      • nvdinfo_id62364
      • cvssv22.1
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-002818.html
      • published_date2006-07-21
      • registered_date2012-12-20
      • last_updated_date2012-12-20
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id19798
      • nameCVE-2006-3694
      • statusCandidate
      • descriptionMultiple unspecified vulnerabilities in Ruby before 1.8.5 allow remote attackers to bypass "safe level" checks via unspecified vectors involving (1) the alias function and (2) "directory operations".
      • phaseAssigned (20060718)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id62364
      • nameCVE-2006-3696
      • descriptionfiltnt.sys in Outpost Firewall Pro before 3.51.759.6511 (462) allows local users to cause a denial of service (crash) via long arguments to mshta.exe.
      • reject(null)
      • CVSS_version2
      • CVSS_score2.1
      • severityLow
      • CVSS_base_score2.1
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore3.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:L/Au:N/C:N/I:N/A:P)
      • sourcecve
      • pub_date2016-12-20
      • published2006-07-21
      • modified_date2011-03-07
      • typeCVE
      • seq2006-3696
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id60553
      • nameJVNDB-2006-002819
      • titleLavasoft Personal Firewall などの製品で使用される Agnitum Outpost Firewall における権限を取得される脆弱性
      • summary(1) Lavasoft Personal Firewall および (2) Novell BorderManager Novell Client Firewall で使用される Agnitum Outpost Firewall は、LocalSystem のコンテキストで稼動するアプリケーションウインドウ内のユーザの活動を適切に制限しない、および ShellExecute API 関数に関する処理に不備があるため、権限を取得される、およびコマンドを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2006-3697
      • cveinfo_id19799
      • nvdinfo_nameCVE-2006-3697
      • nvdinfo_id62365
      • cvssv27.2
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-002819.html
      • published_date2006-07-21
      • registered_date2012-12-20
      • last_updated_date2012-12-20
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id19799
      • nameCVE-2006-3695
      • statusCandidate
      • descriptionTrac before 0.9.6 does not disable the "raw" or "include" commands when providing untrusted users with restructured text (reStructuredText) functionality from docutils, which allows remote attackers to read arbitrary files, perform cross-site scripting (XSS) attacks, or cause a denial of service via unspecified vectors. NOTE: this might be related to CVE-2006-3458.
      • phaseAssigned (20060718)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id62365
      • nameCVE-2006-3697
      • descriptionAgnitum Outpost Firewall Pro 3.51.759.6511 (462), as used in (1) Lavasoft Personal Firewall 1.0.543.5722 (433) and (2) Novell BorderManager Novell Client Firewall 2.0, does not properly restrict user activities in application windows that run in a LocalSystem context, which allows local users to gain privileges and execute commands (a) via the "open folder" option when no instance of explorer.exe is running, possibly related to the ShellExecute API function; or (b) by overwriting a batch file through the "Save Configuration As" option. NOTE: this might be a vulnerability in Microsoft Windows and explorer.exe instead of the firewall.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.2
      • severityHigh
      • CVSS_base_score7.2
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore3.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:L/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2016-12-20
      • published2006-07-21
      • modified_date2011-08-25
      • typeCVE
      • seq2006-3697
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:1636/sort:cveinfo_id/direction:asc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:1636/sort:cveinfo_id/direction:asc
Remote Port	45543
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.55
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.2.168.126
Http Via	1.1 squid-proxy-5b5d847c96-58dsr (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=kpjucta77qpbe1ebjlb4rcrvi6
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.55
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.55
Unique Id	aHW2215yuVj6OZ9r_zRkAgAAAKY
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.55
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.55
Redirect Unique Id	aHW2215yuVj6OZ9r_zRkAgAAAKY
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.55
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.55
Redirect Redirect Unique Id	aHW2215yuVj6OZ9r_zRkAgAAAKY
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1752544987.7172
Request Time	1752544987

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php