Request History

4 previous requests available

• Restore to current request
• cvereves/view/330604
• nvdinfos/view/53363
• cvereves/view/306343
• nvdinfos/index/page:245/sort:name/direction:desc

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page3620
  • sorttitle
  • directionasc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page3620
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.titleasc
    • limit5
    • options(array)
      • page3620
      • order(array)
        • Jvninfo.titleasc
      • sorttitle
      • directionasc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id13906
      • nameJVNDB-2014-002781
      • titleEMC Documentum Content Server における DQL インジェクション攻撃を実行される脆弱性
      • summaryEMC Documentum Content Server には、Documentum Query Language (DQL) インジェクション攻撃を実行され、データベースアクションの制限を回避される脆弱性が存在します。
      • cveinfo_nameCVE-2014-2508
      • cveinfo_id69795
      • nvdinfo_nameCVE-2014-2508
      • nvdinfo_id30926
      • cvssv27.5
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002781.html
      • published_date2014-06-05
      • registered_date2014-06-10
      • last_updated_date2014-06-10
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id69795
      • nameCVE-2014-2500
      • statusCandidate
      • description** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
      • phaseAssigned (20140314)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id30926
      • nameCVE-2014-2508
      • descriptionEMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to conduct Documentum Query Language (DQL) injection attacks and bypass intended restrictions on database actions via vectors involving DQL hints.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.5
      • severityHigh
      • CVSS_base_score7.5
      • CVSS_impact_subscore8.5
      • CVSS_exploit_subscore6.8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:S/C:C/I:P/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2014-06-08
      • modified_date2015-12-14
      • typeCVE
      • seq2014-2508
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id15011
      • nameJVNDB-2014-003886
      • titleEMC Documentum Content Server における DQL インジェクション攻撃を実行される脆弱性
      • summaryEMC Documentum Content Server は、Oracle Database が使用されている場合、適切に DQL のヒントを制限しないため、DQL インジェクション攻撃を実行される、および重要なデータベースコンテンツを読まれる脆弱性が存在します。
      • cveinfo_nameCVE-2014-2520
      • cveinfo_id69807
      • nvdinfo_nameCVE-2014-2520
      • nvdinfo_id30938
      • cvssv26.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003886.html
      • published_date2014-08-18
      • registered_date2014-08-22
      • last_updated_date2014-08-22
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id69807
      • nameCVE-2014-2512
      • statusCandidate
      • descriptionMultiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
      • phaseAssigned (20140314)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id30938
      • nameCVE-2014-2520
      • descriptionEMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and read sensitive database content via a crafted request.
      • reject(null)
      • CVSS_version2
      • CVSS_score6.3
      • severityMedium
      • CVSS_base_score6.3
      • CVSS_impact_subscore6.9
      • CVSS_exploit_subscore6.8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:S/C:C/I:N/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2014-08-20
      • modified_date2017-01-06
      • typeCVE
      • seq2014-2520
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id13265
      • nameJVNDB-2014-002140
      • titleEMC Documentum Content Server におけるアクセス制限を回避される脆弱性
      • summaryEMC Documentum Content Server には、アクセス制限を回避され、特定のフォルダ内のメタデータを読まれる脆弱性が存在します。
      • cveinfo_nameCVE-2014-0642
      • cveinfo_id68043
      • nvdinfo_nameCVE-2014-0642
      • nvdinfo_id29526
      • cvssv25.5
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002140.html
      • published_date2014-04-11
      • registered_date2014-04-18
      • last_updated_date2014-04-18
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id68043
      • nameCVE-2014-0634
      • statusCandidate
      • descriptionEMC VPLEX GeoSynchrony 4.x and 5.x before 5.3 does not include the HTTPOnly flag in a Set-Cookie header for an unspecified cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.
      • phaseAssigned (20140102)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id29526
      • nameCVE-2014-0642
      • descriptionEMC Documentum Content Server before 6.7 SP1 P26, 6.7 SP2 before P13, 7.0 before P13, and 7.1 before P02 allows remote authenticated users to bypass intended access restrictions and read metadata from certain folders via unspecified vectors.
      • reject(null)
      • CVSS_version2
      • CVSS_score5.5
      • severityMedium
      • CVSS_base_score5.5
      • CVSS_impact_subscore4.9
      • CVSS_exploit_subscore8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:S/C:P/I:P/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2014-04-15
      • modified_date2014-04-16
      • typeCVE
      • seq2014-0642
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id15372
      • nameJVNDB-2014-004247
      • titleEMC Documentum Content Server におけるシステムオブジェクト作成用のスーパーユーザ権限を取得される脆弱性
      • summaryEMC Documentum Content Server は、保護されたシステムタイプのサブタイプの認証を適切にチェックしないため、システムオブジェクト作成用のスーパーユーザ権限を取得され、データアクセスおよびサーバアクションの制限を回避される脆弱性が存在します。
      • cveinfo_nameCVE-2014-4621
      • cveinfo_id71910
      • nvdinfo_nameCVE-2014-4621
      • nvdinfo_id32580
      • cvssv28.5
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-004247.html
      • published_date2014-09-15
      • registered_date2014-09-18
      • last_updated_date2014-09-18
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id71910
      • nameCVE-2014-4613
      • statusCandidate
      • description** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
      • phaseAssigned (20140624)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id32580
      • nameCVE-2014-4621
      • descriptionEMC Documentum Content Server before 6.7 SP2 P17, 7.0 through P15, and 7.1 before P08 does not properly check authorization for subtypes of protected system types, which allows remote authenticated users to obtain super-user privileges for system-object creation, and bypass intended restrictions on data access and server actions, via unspecified vectors.
      • reject(null)
      • CVSS_version2
      • CVSS_score8.5
      • severityHigh
      • CVSS_base_score8.5
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore6.8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:S/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2014-09-17
      • modified_date2017-01-06
      • typeCVE
      • seq2014-4621
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id13904
      • nameJVNDB-2014-002779
      • titleEMC Documentum Content Server におけるシステムオブジェクト作成用のスーパーユーザ権限を取得される脆弱性
      • summaryEMC Documentum Content Server には、システムオブジェクト作成用のスーパーユーザの権限を取得され、データアクセスおよびサーバアクションの制限を回避される脆弱性が存在します。
      • cveinfo_nameCVE-2014-2506
      • cveinfo_id69793
      • nvdinfo_nameCVE-2014-2506
      • nvdinfo_id30924
      • cvssv28.5
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-002779.html
      • published_date2014-06-05
      • registered_date2014-06-10
      • last_updated_date2014-06-10
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id69793
      • nameCVE-2014-2498
      • statusCandidate
      • description** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
      • phaseAssigned (20140314)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id30924
      • nameCVE-2014-2506
      • descriptionEMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1 before P05 allows remote authenticated users to obtain super-user privileges for system-object creation, and bypass intended restrictions on data access and server actions, via unspecified vectors.
      • reject(null)
      • CVSS_version2
      • CVSS_score8.5
      • severityHigh
      • CVSS_base_score8.5
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore6.8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:S/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2014-06-08
      • modified_date2014-07-24
      • typeCVE
      • seq2014-2506
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:3620/sort:title/direction:asc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:3620/sort:title/direction:asc
Remote Port	28702
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.55
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.2.12.50
Http Via	1.1 squid-proxy-5b5d847c96-8pn8c (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.55
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.55
Unique Id	aOABGQwT43etEcxRPs_vcgAAAYo
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.55
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.55
Redirect Unique Id	aOABGQwT43etEcxRPs_vcgAAAYo
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.55
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.55
Redirect Redirect Unique Id	aOABGQwT43etEcxRPs_vcgAAAYo
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1759510809.8036
Request Time	1759510809

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php