Request History

4 previous requests available

• Restore to current request
• nvdreves/view/104036
• nvdreves/view/230108
• nvdreves/view/234135
• nvdreves/view/388146

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page1728
  • sortcvssv2
  • directiondesc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page1728
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.cvssv2desc
    • limit5
    • options(array)
      • page1728
      • order(array)
        • Jvninfo.cvssv2desc
      • sortcvssv2
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id46911
      • nameJVNDB-2008-002221
      • titleGNU Enscript の read_special_escape 関数におけるバッファオーバーフローの脆弱性
      • summaryGNU Enscript の read_special_escape 関数には、-e オプションを使用可能にしている場合に ASCII ファイルの処理に不備があるため、スタックベースのバッファオーバーフローの脆弱性が存在します。
      • cveinfo_nameCVE-2008-3863
      • cveinfo_id33976
      • nvdinfo_nameCVE-2008-3863
      • nvdinfo_id3725
      • cvssv27.6
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-002221.html
      • published_date2008-10-23
      • registered_date2009-01-29
      • last_updated_date2009-06-26
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id33976
      • nameCVE-2008-3859
      • statusCandidate
      • descriptionDavlin Thickbox Gallery 2 allows remote attackers to obtain the administrative username and MD5 password hash via a direct request to conf/admins.php.
      • phaseAssigned (20080829)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id3725
      • nameCVE-2008-3863
      • descriptionStack-based buffer overflow in the read_special_escape function in src/psgen.c in GNU Enscript 1.6.1 and 1.6.4 beta, when the -e (aka special escapes processing) option is enabled, allows user-assisted remote attackers to execute arbitrary code via a crafted ASCII file, related to the setfilename command.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.6
      • severityHigh
      • CVSS_base_score7.6
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore4.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:H/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-03
      • published2008-10-23
      • modified_date2012-11-05
      • typeCVE
      • seq2008-3863
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id50751
      • nameJVNDB-2008-006061
      • titleCygwin の setup.exe における任意のコードを実行される脆弱性
      • summaryCygwin の setup.exe は、パッケージの信頼性を適切に検証しないため、任意のコードを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2008-3323
      • cveinfo_id33436
      • nvdinfo_nameCVE-2008-3323
      • nvdinfo_id3204
      • cvssv27.6
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-006061.html
      • published_date2008-07-28
      • registered_date2012-12-20
      • last_updated_date2012-12-20
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id33436
      • nameCVE-2008-3319
      • statusCandidate
      • descriptionadmin/index.php in Maian Links 3.1 and earlier allows remote attackers to bypass authentication and gain administrative access by sending an arbitrary links_cookie cookie.
      • phaseAssigned (20080725)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id3204
      • nameCVE-2008-3323
      • descriptionsetup.exe before 2.573.2.3 in Cygwin does not properly verify the authenticity of packages, which allows remote Cygwin mirror servers or man-in-the-middle attackers to execute arbitrary code via a package list containing the MD5 checksum of a Trojan horse package.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.6
      • severityHigh
      • CVSS_base_score7.6
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore4.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:H/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-03
      • published2008-07-28
      • modified_date2011-03-07
      • typeCVE
      • seq2008-3323
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id23616
      • nameJVNDB-2013-005191
      • titlelighttpd における権限を取得される脆弱性
      • summarylighttpd は、(1) setuid、(2) setgid、または (3) setgroups 関数の戻り値をチェックしないため、再起動された場合に lighttpd が root として実行される原因となり、権限を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2013-4559
      • cveinfo_id64501
      • nvdinfo_nameCVE-2013-4559
      • nvdinfo_id40151
      • cvssv27.6
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-005191.html
      • published_date2013-11-13
      • registered_date2013-11-21
      • last_updated_date2013-11-21
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id64501
      • nameCVE-2013-4554
      • statusCandidate
      • descriptionXen 3.0.3 through 4.1.x (possibly 4.1.6.1), 4.2.x (possibly 4.2.3), and 4.3.x (possibly 4.3.1) does not properly prevent access to hypercalls, which allows local guest users to gain privileges via a crafted application running in ring 1 or 2.
      • phaseAssigned (20130612)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id40151
      • nameCVE-2013-4559
      • descriptionlighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.6
      • severityHigh
      • CVSS_base_score7.6
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore4.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:H/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-18
      • published2013-11-20
      • modified_date2016-12-07
      • typeCVE
      • seq2013-4559
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id46144
      • nameJVNDB-2008-001454
      • titleCitect 社製 CitectSCADA におけるバッファオーバーフローの脆弱性
      • summaryCitect 社製 CitectSCADA にはバッファオーバーフローの脆弱性が存在します。
      • cveinfo_nameCVE-2008-2639
      • cveinfo_id32752
      • nvdinfo_nameCVE-2008-2639
      • nvdinfo_id2545
      • cvssv27.6
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-001454.html
      • published_date2008-06-12
      • registered_date2008-07-08
      • last_updated_date2008-07-08
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id32752
      • nameCVE-2008-2635
      • statusCandidate
      • descriptionMultiple directory traversal vulnerabilities in BitKinex 2.9.3 allow remote FTP and WebDAV servers to create or overwrite arbitrary files via a .. (dot dot) in (1) a response to a LIST command from the BitKinex FTP client and (2) a response to a PROPFIND command from the BitKinex WebDAV client. NOTE: this can be leveraged for code execution by writing to a Startup folder.
      • phaseAssigned (20080609)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id2545
      • nameCVE-2008-2639
      • descriptionStack-based buffer overflow in the ODBC server service in Citect CitectSCADA 6 and 7, and CitectFacilities 7, allows remote attackers to execute arbitrary code via a long string in the second application packet in a TCP session on port 20222.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.6
      • severityHigh
      • CVSS_base_score7.6
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore4.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:H/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-03
      • published2008-06-16
      • modified_date2011-03-07
      • typeCVE
      • seq2008-2639
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id54081
      • nameJVNDB-2007-002773
      • titleG DATA Antivirus の特定の ActiveX コントロールにおけるバッファオーバーフローの脆弱性
      • summaryG DATA Antivirus の ScanObjectBrowser.DLL の特定の ActiveX コントロールには、バッファオーバーフローの脆弱性が存在します。
      • cveinfo_nameCVE-2007-5436
      • cveinfo_id28791
      • nvdinfo_nameCVE-2007-5436
      • nvdinfo_id57501
      • cvssv27.6
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-002773.html
      • published_date2007-10-12
      • registered_date2012-06-26
      • last_updated_date2012-06-26
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id28791
      • nameCVE-2007-5434
      • statusCandidate
      • descriptionCross-site scripting (XSS) vulnerability in PRO-search 0.17.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the q parameter to the default URI.
      • phaseAssigned (20071012)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id57501
      • nameCVE-2007-5436
      • descriptionBuffer overflow in a certain ActiveX control in ScanObjectBrowser.DLL in G DATA Antivirus 2007 might allow remote attackers to execute arbitrary code via unspecified parameters to the SelectPath function. NOTE: this issue might not cross privilege boundaries in most environments, since it is not marked as safe for scripting.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.6
      • severityHigh
      • CVSS_base_score7.6
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore4.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:H/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-07
      • published2007-10-12
      • modified_date2008-11-15
      • typeCVE
      • seq2007-5436
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:1728/sort:cvssv2/direction:desc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:1728/sort:cvssv2/direction:desc
Remote Port	62684
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.31
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.3.180.70
Http Via	1.1 squid-proxy-5b5d847c96-87lc8 (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=hor949lndm4tf4penfer0jhrq2
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectdos	1
X Dostranslated Ip	216.73.216.31
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.31
Unique Id	aHm28PS8dzbjgW6vOjl-lwAAALs
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.31
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.31
Redirect Unique Id	aHm28PS8dzbjgW6vOjl-lwAAALs
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.31
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.31
Redirect Redirect Unique Id	aHm28PS8dzbjgW6vOjl-lwAAALs
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1752807152.9773
Request Time	1752807152

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php