Request History

4 previous requests available

• Restore to current request
• cveinfos/view/20739
• cveinfos/index/page:268/sort:id/direction:asc
• nvdreves/view/121332
• nvdinfos/index/page:16776/sort:description/direction:asc

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page3213
  • sortsummary
  • directionasc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page3213
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.summaryasc
    • limit5
    • options(array)
      • page3213
      • order(array)
        • Jvninfo.summaryasc
      • sortsummary
      • directionasc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id29123
      • nameJVNDB-2012-004830
      • titleCraig Knudsen WebCalendar におけるクロスサイトスクリプティングの脆弱性
      • summaryCraig Knudsen WebCalendar には、クロスサイトスクリプティングの脆弱性が存在します。
      • cveinfo_nameCVE-2012-0846
      • cveinfo_id54084
      • nvdinfo_nameCVE-2012-0846
      • nvdinfo_id42911
      • cvssv24.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004830.html
      • published_date2012-01-11
      • registered_date2012-10-11
      • last_updated_date2012-10-11
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id54084
      • nameCVE-2012-0841
      • statusCandidate
      • descriptionlibxml2 before 2.8.0 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted XML data.
      • phaseAssigned (20120119)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id42911
      • nameCVE-2012-0846
      • descriptionCross-site scripting (XSS) vulnerability in Craig Knudsen WebCalendar 1.2.4 allows remote attackers to inject arbitrary web script or HTML via the Location variable.
      • reject(null)
      • CVSS_version2
      • CVSS_score4.3
      • severityMedium
      • CVSS_base_score4.3
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:N/I:P/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2012-10-08
      • modified_date2012-10-09
      • typeCVE
      • seq2012-0846
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id61673
      • nameJVNDB-2006-003939
      • titleCraig Knudsen WebCalendar における重要な情報を取得される脆弱性
      • summaryCraig Knudsen WebCalendar には、重要な情報を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2006-1537
      • cveinfo_id17639
      • nvdinfo_nameCVE-2006-1537
      • nvdinfo_id60245
      • cvssv25
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003939.html
      • published_date2006-03-30
      • registered_date2014-03-11
      • last_updated_date2014-03-11
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id17639
      • nameCVE-2006-1535
      • statusCandidate
      • descriptionCross-site scripting (XSS) vulnerability in login.php in Phoetux.net PhxContacts 0.93.1 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the m parameter.
      • phaseAssigned (20060330)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id60245
      • nameCVE-2006-1537
      • descriptionCraig Knudsen WebCalendar 1.1.0-CVS allows remote attackers to obtain sensitive information via a direct request to (1) includes/index.php, (2) tests/add_duration_test.php, (3) tests/all_tests.php, (4) groups.php, (5) nonusers.php, (6) includes/settings.php, (7) includes/init.php, (8) includes/settings.php.orig, (9) includes/js/admin.php, (10) includes/js/edit_entry.php, (11) includes/js/edit_layer.php, (12) includes/js/export_import.php, (13) includes/js/popups.php, (14) includes/js/pref.php, or (15) includes/menu/index.php, which reveal the path in various error messages.
      • reject(null)
      • CVSS_version2
      • CVSS_score5
      • severityMedium
      • CVSS_base_score5
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:N/A:N)
      • sourcecve
      • pub_date2016-12-20
      • published2006-03-30
      • modified_date2008-09-05
      • typeCVE
      • seq2006-1537
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id56528
      • nameJVNDB-2007-005220
      • titleCraig Knudsen WebCalendar の includes/functions.php における任意のグローバル変数を設定される脆弱性
      • summaryCraig Knudsen WebCalendar の includes/functions.php は、外部変更から noSet 変数を保護しないため、任意のグローバル変数を設定される脆弱性が存在します。
      • cveinfo_nameCVE-2007-1343
      • cveinfo_id24698
      • nvdinfo_nameCVE-2007-1343
      • nvdinfo_id53529
      • cvssv27.5
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-005220.html
      • published_date2007-03-08
      • registered_date2012-12-20
      • last_updated_date2012-12-20
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id24698
      • nameCVE-2007-1341
      • statusCandidate
      • descriptioninclude/auth/auth.php in Simple Invoices before 2007 03 05 does not use the login system to protect print preview pages for invoices, which might allow attackers to obtain sensitive information.
      • phaseAssigned (20070307)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id53529
      • nameCVE-2007-1343
      • descriptionincludes/functions.php in Craig Knudsen WebCalendar before 1.0.5 does not protect the noSet variable from external modification, which allows remote attackers to set arbitrary global variables via a URL with modified values in the noSet parameter, which leads to resultant vulnerabilities that probably include remote file inclusion and other issues.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.5
      • severityHigh
      • CVSS_base_score7.5
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-01-07
      • published2007-03-08
      • modified_date2011-03-07
      • typeCVE
      • seq2007-1343
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id29224
      • nameJVNDB-2012-004931
      • titleCraig Knudsen WebCalendar における settings.php を変更される脆弱性
      • summaryCraig Knudsen WebCalendar の install/index.php には、"user theme preference" に関する処理に不備があるため、settings.php を変更される、および任意のコードを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2012-5385
      • cveinfo_id58623
      • nvdinfo_nameCVE-2012-5385
      • nvdinfo_id46569
      • cvssv27.5
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-004931.html
      • published_date2012-02-29
      • registered_date2012-10-15
      • last_updated_date2012-10-15
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id58623
      • nameCVE-2012-5380
      • statusCandidate
      • description** DISPUTED ** Untrusted search path vulnerability in the installation functionality in Ruby 1.9.3-p194, when installed in the top-level C: directory, might allow local users to gain privileges via a Trojan horse DLL in the C:Ruby193in directory, which may be added to the PATH system environment variable by an administrator, as demonstrated by a Trojan horse wlbsctrl.dll file used by the "IKE and AuthIP IPsec Keying Modules" system service in Windows Vista SP1, Windows Server 2008 SP2, Windows 7 SP1, and Windows 8 Release Preview. NOTE: CVE disputes this issue because the unsafe PATH is established only by a separate administrative action that is not a default part of the Ruby installation.
      • phaseAssigned (20121011)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id46569
      • nameCVE-2012-5385
      • descriptioninstall/index.php in Craig Knudsen WebCalendar before 1.2.5 allows remote attackers to modify settings.php and possibly execute arbitrary code via vectors related to the user theme preference.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.5
      • severityHigh
      • CVSS_base_score7.5
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2012-10-11
      • modified_date2012-10-22
      • typeCVE
      • seq2012-5385
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id61629
      • nameJVNDB-2006-003895
      • titleCraig Morrison Mail Transport System Professional におけるメールを返信される脆弱性
      • summaryCraig Morrison Mail Transport System Professional (別名 MTS Pro) には、メールを返信される脆弱性が存在します。
      • cveinfo_nameCVE-2006-0977
      • cveinfo_id17079
      • nvdinfo_nameCVE-2006-0977
      • nvdinfo_id59700
      • cvssv25
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-003895.html
      • published_date2006-03-03
      • registered_date2014-03-11
      • last_updated_date2014-03-11
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id17079
      • nameCVE-2006-0975
      • statusCandidate
      • description** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2006-0459. Reason: This candidate is a reservation duplicate of CVE-2006-0459. Notes: All CVE users should reference CVE-2006-0459 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
      • phaseAssigned (20060303)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id59700
      • nameCVE-2006-0977
      • descriptionCraig Morrison Mail Transport System Professional (aka MTS Pro) acts as an open relay when configured to relay all mail through an external SMTP server, which allows remote attackers to relay mail by connecting to the MTS Pro server, then sending a MAIL FROM that specifies a domain that is local to the server.
      • reject(null)
      • CVSS_version2
      • CVSS_score5
      • severityMedium
      • CVSS_base_score5
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:N/I:P/A:N)
      • sourcecve
      • pub_date2016-12-20
      • published2006-03-03
      • modified_date2011-03-07
      • typeCVE
      • seq2006-0977
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:3213/sort:summary/direction:asc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:3213/sort:summary/direction:asc
Remote Port	53282
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.147
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.2.87.33
Http Via	1.1 squid-proxy-5b5d847c96-hgfvd (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.147
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.147
Unique Id	aJnhbIVob5dzr7gfBOTdiAAAAKo
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.147
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.147
Redirect Unique Id	aJnhbIVob5dzr7gfBOTdiAAAAKo
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.147
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.147
Redirect Redirect Unique Id	aJnhbIVob5dzr7gfBOTdiAAAAKo
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1754915180.6081
Request Time	1754915180

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php