Request History

4 previous requests available

• Restore to current request
• nvdreves/view/308282
• nvdreves/view/59537
• nvdreves/view/78286
• nvdreves/view/361983

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page28
  • Jvninfoscveinfos
  • sortsummary
  • directionasc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page28
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.summaryasc
    • limit5
    • options(array)
      • page28
      • order(array)
        • Jvninfo.summaryasc
      • sortsummary
      • directionasc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id18568
      • nameJVNDB-2014-007443
      • titlePHP の Fileinfo コンポーネントの libmagic/apprentice.c の apprentice_load 関数におけるサービス運用妨害 (DoS) の脆弱性
      • summary** 未確定 ** 本件は、脆弱性として確定していません。
      • cveinfo_nameCVE-2014-9426
      • cveinfo_id76719
      • nvdinfo_nameCVE-2014-9426
      • nvdinfo_id36129
      • cvssv27.5
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007443.html
      • published_date2014-12-28
      • registered_date2015-01-06
      • last_updated_date2015-04-30
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id76719
      • nameCVE-2014-9418
      • statusCandidate
      • descriptionThe eSpace Meeting ActiveX control (eSpaceStatusCtrl.dll) in Huawei eSpace Desktop before V200R001C03 allows local users to cause a denial of service (memory overflow) via unspecified vectors.
      • phaseAssigned (20141224)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id36129
      • nameCVE-2014-9426
      • description** DISPUTED ** The apprentice_load function in libmagic/apprentice.c in the Fileinfo component in PHP through 5.6.4 attempts to perform a free operation on a stack-based character array, which allows remote attackers to cause a denial of service (memory corruption or application crash) or possibly have unspecified other impact via unknown vectors. NOTE: this is disputed by the vendor because the standard erealloc behavior makes the free operation unreachable.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.5
      • severityHigh
      • CVSS_base_score7.5
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2014-12-30
      • modified_date2015-03-16
      • typeCVE
      • seq2014-9426
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id27329
      • nameJVNDB-2012-003036
      • titleCyberoam UTM アプライアンスのデフォルト設定における SSL サーバになりすまされる脆弱性
      • summary** 未確定 ** 本件は、脆弱性として確定していません。
      • cveinfo_nameCVE-2012-3372
      • cveinfo_id56610
      • nvdinfo_nameCVE-2012-3372
      • nvdinfo_id44969
      • cvssv25.8
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-003036.html
      • published_date2012-07-05
      • registered_date2012-07-11
      • last_updated_date2015-12-02
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id56610
      • nameCVE-2012-3367
      • statusCandidate
      • descriptionRed Hat Certificate System (RHCS) before 8.1.1 and Dogtag Certificate System does not properly check certificate revocation requests made through the web interface, which allows remote attackers with permissions to revoke end entity certificates to revoke the Certificate Authority (CA) certificate.
      • phaseAssigned (20120614)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id44969
      • nameCVE-2012-3372
      • description** DISPUTED ** The default configuration of Cyberoam UTM appliances uses the same Certification Authority certificate and same private key across different customers" installations, which makes it easier for man-in-the-middle attackers to spoof SSL servers by leveraging the presence of the Cyberoam_SSL_CA certificate in a list of trusted root certification authorities. NOTE: the vendor disputes the significance of this issue because the appliance "does not allow import or export of the foresaid private key."
      • reject(null)
      • CVSS_version2
      • CVSS_score5.8
      • severityMedium
      • CVSS_base_score5.8
      • CVSS_impact_subscore4.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:P/I:P/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2012-07-09
      • modified_date2012-07-09
      • typeCVE
      • seq2012-3372
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id15310
      • nameJVNDB-2014-004185
      • titleiOS 用 Facebook アプリおよび Facebook Messenger アプリにおけるクロスサイトスクリプティングの脆弱性
      • summary** 未確定 ** 本件は、脆弱性として確定していません。
      • cveinfo_nameCVE-2014-6392
      • cveinfo_id73684
      • nvdinfo_nameCVE-2014-6392
      • nvdinfo_id33908
      • cvssv24.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004185.html
      • published_date2014-09-02
      • registered_date2014-09-16
      • last_updated_date2015-10-21
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id73684
      • nameCVE-2014-6384
      • statusCandidate
      • descriptionJuniper Junos 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D25, 12.1X47 before 12.1X47-D15, 12.3 before 12.3R9, 13.1 before 13.1R4-S3, 13.2 before 13.2R6, 13.3 before 13.3R5, 14.1 before 14.1R3, and 14.2 before 14.2R1 does not properly handle double quotes in authorization attributes in the TACACS+ configuration, which allows local users to bypass the security policy and execute commands via unspecified vectors.
      • phaseAssigned (20140911)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id33908
      • nameCVE-2014-6392
      • description** DISPUTED ** Cross-site scripting (XSS) vulnerability in the Facebook app 14.0 and the Facebook Messenger app 10.0 for iOS allows remote attackers to inject arbitrary web script or HTML via a crafted filename extension that is improperly handled during MIME sniffing of chat traffic. NOTE: the vendor disputes the significance of this report, because the user must accept an interstitial warning before the HTML file content is rendered, and because the HTML content"s origin is a sandbox domain.
      • reject(null)
      • CVSS_version2
      • CVSS_score4.3
      • severityMedium
      • CVSS_base_score4.3
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:N/I:P/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2014-09-15
      • modified_date2014-09-23
      • typeCVE
      • seq2014-6392
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id26834
      • nameJVNDB-2012-002541
      • titleLinux Kernel の pmcraid_ioctl_passthrough 関数における整数符号エラーの脆弱性
      • summary** 未確定 ** 本件は、脆弱性として確定していません。
      • cveinfo_nameCVE-2011-2906
      • cveinfo_id50813
      • nvdinfo_nameCVE-2011-2906
      • nvdinfo_id9625
      • cvssv24.9
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002541.html
      • published_date2012-05-24
      • registered_date2012-05-28
      • last_updated_date2015-11-16
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id50813
      • nameCVE-2011-2901
      • statusCandidate
      • descriptionOff-by-one error in the __addr_ok macro in Xen 3.3 and earlier allows local 64 bit PV guest administrators to cause a denial of service (host crash) via unspecified hypercalls that ignore virtual-address bits.
      • phaseAssigned (20110727)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id9625
      • nameCVE-2011-2906
      • description** DISPUTED ** Integer signedness error in the pmcraid_ioctl_passthrough function in drivers/scsi/pmcraid.c in the Linux kernel before 3.1 might allow local users to cause a denial of service (memory consumption or memory corruption) via a negative size value in an ioctl call. NOTE: this may be a vulnerability only in unusual environments that provide a privileged program for obtaining the required file descriptor.
      • reject(null)
      • CVSS_version2
      • CVSS_score4.9
      • severityMedium
      • CVSS_base_score4.9
      • CVSS_impact_subscore6.9
      • CVSS_exploit_subscore3.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:L/Au:N/C:N/I:N/A:C)
      • sourcecve
      • pub_date2017-01-07
      • published2012-05-24
      • modified_date2012-05-29
      • typeCVE
      • seq2011-2906
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id68307
      • nameJVNDB-2017-004564
      • titleBigTree CMS におけるコードインジェクションの脆弱性
      • summary** 未確定 ** 本件は、脆弱性として確定していません。
      • cveinfo_nameCVE-2017-9442
      • cveinfo_id0
      • nvdinfo_nameCVE-2017-9442
      • nvdinfo_id86688
      • cvssv26.5
      • cvssv38.8
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-004564.html
      • published_date2017-06-05
      • registered_date2017-06-29
      • last_updated_date2017-06-29
      • deleted0000-00-00 00:00:00
      • created0000-00-00 00:00:00
      • modified2017-07-19 10:28:34
    • Cveinfo(array)
      • id(null)
      • name(null)
      • status(null)
      • description(null)
      • phase(null)
      • votes(null)
      • comments(null)
      • deleted(null)
      • created(null)
      • modified(null)
    • Nvdinfo(array)
      • id86688
      • nameCVE-2017-9442
      • description** DISPUTED ** BigTree CMS through 4.2.18 allows remote authenticated users to execute arbitrary code by uploading a crafted package containing a PHP web shell, related to extraction of a ZIP archive to filename patterns such as cache/package/xxx/yyy.php. This issue exists in coreadminmodulesdeveloperextensionsinstallunpack.php and coreadminmodulesdeveloperpackagesinstallunpack.php. NOTE: the vendor states You must implicitly trust any package or extension you install as they all have the ability to write PHP files.
      • reject
      • CVSS_version2
      • CVSS_score6.5
      • severityMedium
      • CVSS_base_score6.5
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore8
      • nvd_xml_version
      • CVSS_vector(AV:N/AC:L/Au:S/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-06-12
      • published2017-06-05
      • modified_date2017-06-09
      • typeCVE
      • seq2017-9442
      • deleted0000-00-00 00:00:00
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:28/Jvninfos:cveinfos/sort:summary/direction:asc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:28/Jvninfos:cveinfos/sort:summary/direction:asc
Remote Port	63771
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	18.118.155.106
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=rsj9d11e89k8bm0r7lkv9cjol0
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	18.118.155.106
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	18.118.155.106
Unique Id	aA_RFYS86MGb12m-uJMQWAAAAUI
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	18.118.155.106
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	18.118.155.106
Redirect Unique Id	aA_RFYS86MGb12m-uJMQWAAAAUI
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	18.118.155.106
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	18.118.155.106
Redirect Redirect Unique Id	aA_RFYS86MGb12m-uJMQWAAAAUI
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1745867029.5749
Request Time	1745867029

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php