Request History

4 previous requests available

• Restore to current request
• cveinfos/index/page:562/sort:comments/direction:asc
• nvdinfos/view/54916
• nvdinfos/view/4165
• cveinfos/index/page:20722/sort:comments/direction:desc

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page1684
  • sortlast_updated_date
  • directiondesc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page1684
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.last_updated_datedesc
    • limit5
    • options(array)
      • page1684
      • order(array)
        • Jvninfo.last_updated_datedesc
      • sortlast_updated_date
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id2301
      • nameJVNDB-2016-003074
      • title複数の Symantec 製品の Management Server におけるディレクトリトラバーサルの脆弱性
      • summary複数の Symantec 製品の Management Server には、ディレクトリトラバーサルの脆弱性が存在します。
      • cveinfo_nameCVE-2015-8798
      • cveinfo_id86023
      • nvdinfo_nameCVE-2015-8798
      • nvdinfo_id28848
      • cvssv27.7
      • cvssv38
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-003074.html
      • published_date2016-06-07
      • registered_date2016-06-13
      • last_updated_date2016-06-13
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id86023
      • nameCVE-2015-8746
      • statusCandidate
      • descriptionfs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic.
      • phaseAssigned (20160106)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id28848
      • nameCVE-2015-8798
      • descriptionDirectory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to execute arbitrary code via unspecified vectors.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.7
      • severityHigh
      • CVSS_base_score7.7
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore5.1
      • nvd_xml_version(null)
      • CVSS_vector(AV:A/AC:L/Au:S/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2016-06-08
      • modified_date2016-06-10
      • typeCVE
      • seq2015-8798
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id2302
      • nameJVNDB-2016-003075
      • title複数の Symantec 製品の Management Server におけるディレクトリトラバーサルの脆弱性
      • summary複数の Symantec 製品の Management Server には、ディレクトリトラバーサルの脆弱性が存在します。
      • cveinfo_nameCVE-2015-8799
      • cveinfo_id86024
      • nvdinfo_nameCVE-2015-8799
      • nvdinfo_id28849
      • cvssv27.1
      • cvssv37.6
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-003075.html
      • published_date2016-06-07
      • registered_date2016-06-13
      • last_updated_date2016-06-13
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id86024
      • nameCVE-2015-8747
      • statusCandidate
      • descriptionThe multifilesystem storage backend in Radicale before 1.1 allows remote attackers to read or write to arbitrary files via a crafted component name.
      • phaseAssigned (20160106)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id28849
      • nameCVE-2015-8799
      • descriptionDirectory traversal vulnerability in the Management Server in Symantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allows remote authenticated users to write update-package data to arbitrary agent locations via unspecified vectors.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.1
      • severityHigh
      • CVSS_base_score7.1
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore3.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:H/Au:S/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2016-06-08
      • modified_date2016-06-10
      • typeCVE
      • seq2015-8799
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id2303
      • nameJVNDB-2016-003076
      • title複数の Symantec 製品における引数インジェクション攻撃を実行される脆弱性
      • summary複数の Symantec 製品には、引数インジェクション攻撃を実行される脆弱性が存在します。
      • cveinfo_nameCVE-2015-8800
      • cveinfo_id86025
      • nvdinfo_nameCVE-2015-8800
      • nvdinfo_id28850
      • cvssv24.9
      • cvssv37.3
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-003076.html
      • published_date2016-06-07
      • registered_date2016-06-13
      • last_updated_date2016-06-13
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id86025
      • nameCVE-2015-8748
      • statusCandidate
      • descriptionRadicale before 1.1 allows remote authenticated users to bypass owner_write and owner_only limitations via regex metacharacters in the user name, as demonstrated by ".*".
      • phaseAssigned (20160106)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id28850
      • nameCVE-2015-8800
      • descriptionSymantec Embedded Security: Critical System Protection (SES:CSP) 1.0.x before 1.0 MP5, Embedded Security: Critical System Protection for Controllers and Devices (SES:CSP) 6.5.0 before MP1, Critical System Protection (SCSP) before 5.2.9 MP6, Data Center Security: Server Advanced Server (DCS:SA) 6.x before 6.5 MP1 and 6.6 before MP1, and Data Center Security: Server Advanced Server and Agents (DCS:SA) through 6.6 MP1 allow remote authenticated users to conduct argument-injection attacks by leveraging certain named-pipe access.
      • reject(null)
      • CVSS_version2
      • CVSS_score4.9
      • severityMedium
      • CVSS_base_score4.9
      • CVSS_impact_subscore4.9
      • CVSS_exploit_subscore6.8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:S/C:N/I:P/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2016-06-08
      • modified_date2016-06-10
      • typeCVE
      • seq2015-8800
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id6217
      • nameJVNDB-2015-001537
      • titleSiemens SIMATIC WinCC における平文認証情報を特定される脆弱性
      • summarySiemens SIMATIC WinCC (TIA Portal) の (1) Multi Panels、(2) Comfort Panels、および (3) RT Advanced 機能の remote-management モジュールは、トランジットの認証情報を適切に暗号化しないため、平文認証情報を特定される脆弱性が存在します。
      • cveinfo_nameCVE-2015-1358
      • cveinfo_id78583
      • nvdinfo_nameCVE-2015-1358
      • nvdinfo_id23703
      • cvssv25
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-001537.html
      • published_date2015-02-13
      • registered_date2015-02-20
      • last_updated_date2016-06-10
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id78583
      • nameCVE-2015-1306
      • statusCandidate
      • descriptionThe newsletter posting area in the web interface in Sympa 6.0.x before 6.0.10 and 6.1.x before 6.1.24 allows remote attackers to read arbitrary files via unspecified vectors.
      • phaseAssigned (20150122)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id23703
      • nameCVE-2015-1358
      • descriptionThe remote-management module in the (1) Multi Panels, (2) Comfort Panels, and (3) RT Advanced functionality in Siemens SIMATIC WinCC (TIA Portal) before 13 SP1 and in the (4) panels and (5) runtime functionality in SIMATIC WinCC flexible before 2008 SP3 Up7 does not properly encrypt credentials in transit, which makes it easier for remote attackers to determine cleartext credentials by sniffing the network and conducting a decryption attack.
      • reject(null)
      • CVSS_version2
      • CVSS_score5
      • severityMedium
      • CVSS_base_score5
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:N/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2015-02-17
      • modified_date2016-11-29
      • typeCVE
      • seq2015-1358
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id2267
      • nameJVNDB-2016-003040
      • titleApache Struts における任意のコードを実行される脆弱性
      • summaryApache Struts には、Dynamic Method Invocation が有効になっている場合、任意のコードを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2016-3087
      • cveinfo_id89593
      • nvdinfo_nameCVE-2016-3087
      • nvdinfo_id18962
      • cvssv27.5
      • cvssv39.8
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-003040.html
      • published_date2016-06-02
      • registered_date2016-06-10
      • last_updated_date2016-06-10
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id89593
      • nameCVE-2016-2774
      • statusCandidate
      • descriptionISC DHCP 4.1.x before 4.1-ESV-R13 and 4.2.x and 4.3.x before 4.3.4 does not restrict the number of concurrent TCP sessions, which allows remote attackers to cause a denial of service (INSIST assertion failure or request-processing outage) by establishing many sessions.
      • phaseAssigned (20160226)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id18962
      • nameCVE-2016-3087
      • descriptionApache Struts 2.3.20.x before 2.3.20.3, 2.3.24.x before 2.3.24.3, and 2.3.28.x before 2.3.28.1, when Dynamic Method Invocation is enabled, allow remote attackers to execute arbitrary code via vectors related to an ! (exclamation mark) operator to the REST Plugin.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.5
      • severityHigh
      • CVSS_base_score7.5
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2016-06-07
      • modified_date2016-11-28
      • typeCVE
      • seq2016-3087
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:1684/sort:last_updated_date/direction:desc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:1684/sort:last_updated_date/direction:desc
Remote Port	11763
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.31
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.180.70
Http Via	1.1 squid-proxy-5b5d847c96-87lc8 (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.31
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.31
Unique Id	aHnZqHJ1ig15ZcyaGjYuGAAAACU
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.31
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.31
Redirect Unique Id	aHnZqHJ1ig15ZcyaGjYuGAAAACU
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.31
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.31
Redirect Redirect Unique Id	aHnZqHJ1ig15ZcyaGjYuGAAAACU
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1752816040.2201
Request Time	1752816040

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php