Request History

4 previous requests available

• Restore to current request
• cveinfos/index/page:18629/sort:id/direction:desc
• jvninfos/index/page:4937/sort:cvssv2/direction:asc
• jvninfos/index/page:4043/sort:published_date/direction:desc
• jvninfos/index/page:4040/sort:summary/direction:desc

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page4048
  • sortpublished_date
  • directiondesc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page4048
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.published_datedesc
    • limit5
    • options(array)
      • page4048
      • order(array)
        • Jvninfo.published_datedesc
      • sortpublished_date
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id15010
      • nameJVNDB-2014-003885
      • title複数の EMC Documentum 製品におけるクロスサイトリクエストフォージェリの脆弱性
      • summary複数の EMC Documentum 製品には、クロスサイトリクエストフォージェリの脆弱性が存在します。
      • cveinfo_nameCVE-2014-2518
      • cveinfo_id69805
      • nvdinfo_nameCVE-2014-2518
      • nvdinfo_id30936
      • cvssv26.8
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003885.html
      • published_date2014-08-18
      • registered_date2014-08-22
      • last_updated_date2014-08-22
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id69805
      • nameCVE-2014-2510
      • statusCandidate
      • descriptionThe JAXB XML parser in EMC Documentum Foundation Services (DFS) 6.6 before P39, 6.7 SP1 before P28, and 6.7 SP2 before P15, as used in My Documentum for Desktop, My Documentum for Microsoft Outlook, and CenterStage, allows remote authenticated users to read arbitrary files via an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
      • phaseAssigned (20140314)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id30936
      • nameCVE-2014-2518
      • descriptionMultiple cross-site request forgery (CSRF) vulnerabilities in EMC Documentum WDK before 6.7SP1 P28 and 6.7SP2 before P15 allow remote attackers to hijack the authentication of arbitrary users.
      • reject(null)
      • CVSS_version2
      • CVSS_score6.8
      • severityMedium
      • CVSS_base_score6.8
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2014-08-20
      • modified_date2017-01-06
      • typeCVE
      • seq2014-2518
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id15011
      • nameJVNDB-2014-003886
      • titleEMC Documentum Content Server における DQL インジェクション攻撃を実行される脆弱性
      • summaryEMC Documentum Content Server は、Oracle Database が使用されている場合、適切に DQL のヒントを制限しないため、DQL インジェクション攻撃を実行される、および重要なデータベースコンテンツを読まれる脆弱性が存在します。
      • cveinfo_nameCVE-2014-2520
      • cveinfo_id69807
      • nvdinfo_nameCVE-2014-2520
      • nvdinfo_id30938
      • cvssv26.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003886.html
      • published_date2014-08-18
      • registered_date2014-08-22
      • last_updated_date2014-08-22
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id69807
      • nameCVE-2014-2512
      • statusCandidate
      • descriptionMultiple cross-site scripting (XSS) vulnerabilities in EMC Documentum eRoom 7.4.3, 7.4.4 before P19, and 7.4.4 SP1 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.
      • phaseAssigned (20140314)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id30938
      • nameCVE-2014-2520
      • descriptionEMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and read sensitive database content via a crafted request.
      • reject(null)
      • CVSS_version2
      • CVSS_score6.3
      • severityMedium
      • CVSS_base_score6.3
      • CVSS_impact_subscore6.9
      • CVSS_exploit_subscore6.8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:S/C:C/I:N/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2014-08-20
      • modified_date2017-01-06
      • typeCVE
      • seq2014-2520
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id15012
      • nameJVNDB-2014-003887
      • titleEMC Documentum Content Server における重要なオブジェクトメタデータを読まれる脆弱性
      • summaryEMC Documentum Content Server には、重要なオブジェクトメタデータを読まれる脆弱性が存在します。
      • cveinfo_nameCVE-2014-2521
      • cveinfo_id69808
      • nvdinfo_nameCVE-2014-2521
      • nvdinfo_id30939
      • cvssv26.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003887.html
      • published_date2014-08-18
      • registered_date2014-08-22
      • last_updated_date2014-08-22
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id69808
      • nameCVE-2014-2513
      • statusCandidate
      • descriptionEMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P15, 7.0 before P15, and 7.1 before P06 does not properly check authorization after creation of an object, which allows remote authenticated users to execute arbitrary code with super-user privileges via a custom script.
      • phaseAssigned (20140314)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id30939
      • nameCVE-2014-2521
      • descriptionEMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to read sensitive object metadata via an RPC command.
      • reject(null)
      • CVSS_version2
      • CVSS_score6.3
      • severityMedium
      • CVSS_base_score6.3
      • CVSS_impact_subscore6.9
      • CVSS_exploit_subscore6.8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:S/C:C/I:N/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2014-08-20
      • modified_date2017-01-06
      • typeCVE
      • seq2014-2521
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id15013
      • nameJVNDB-2014-003888
      • titleEMC Documentum Content Server における権限を取得される脆弱性
      • summaryEMC Documentum Content Server には、権限を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2014-4618
      • cveinfo_id71907
      • nvdinfo_nameCVE-2014-4618
      • nvdinfo_id32577
      • cvssv28.5
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003888.html
      • published_date2014-08-18
      • registered_date2014-08-22
      • last_updated_date2014-08-22
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id71907
      • nameCVE-2014-4610
      • statusCandidate
      • description** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
      • phaseAssigned (20140623)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id32577
      • nameCVE-2014-4618
      • descriptionEMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07 allows remote authenticated users to gain privileges via a user-created system object.
      • reject(null)
      • CVSS_version2
      • CVSS_score8.5
      • severityHigh
      • CVSS_base_score8.5
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore6.8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:S/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2014-08-20
      • modified_date2017-01-06
      • typeCVE
      • seq2014-4618
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id15017
      • nameJVNDB-2014-003892
      • titleApache HttpComponents HttpClient および HttpAsyncClient の org.apache.http.conn.ssl.AbstractVerifier における SSL サーバになりすまされる脆弱性
      • summaryApache HttpComponents HttpClient および HttpAsyncClient の org.apache.http.conn.ssl.AbstractVerifier は、サーバのホスト名が X.509 証明書のサブジェクトの Common Name (CN) または subjectAltName フィールドのドメイン名と一致することを適切に検証しないため、SSL サーバになりすまされる脆弱性が存在します。
      • cveinfo_nameCVE-2014-3577
      • cveinfo_id70865
      • nvdinfo_nameCVE-2014-3577
      • nvdinfo_id31754
      • cvssv25.8
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-003892.html
      • published_date2014-08-18
      • registered_date2014-08-22
      • last_updated_date2016-09-30
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id70865
      • nameCVE-2014-3569
      • statusCandidate
      • descriptionThe ssl23_get_client_hello function in s23_srvr.c in OpenSSL 0.9.8zc, 1.0.0o, and 1.0.1j does not properly handle attempts to use unsupported protocols, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unexpected handshake, as demonstrated by an SSLv3 handshake to a no-ssl3 application with certain error handling. NOTE: this issue became relevant after the CVE-2014-3568 fix.
      • phaseAssigned (20140514)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id31754
      • nameCVE-2014-3577
      • descriptionorg.apache.http.conn.ssl.AbstractVerifier in Apache HttpComponents HttpClient before 4.3.5 and HttpAsyncClient before 4.0.2 does not properly verify that the server hostname matches a domain name in the subject"s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a "CN=" string in a field in the distinguished name (DN) of a certificate, as demonstrated by the "foo,CN=www.apache.org" string in the O field.
      • reject(null)
      • CVSS_version2
      • CVSS_score5.8
      • severityMedium
      • CVSS_base_score5.8
      • CVSS_impact_subscore4.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:P/I:P/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2014-08-21
      • modified_date2017-01-10
      • typeCVE
      • seq2014-3577
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:4048/sort:published_date/direction:desc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:4048/sort:published_date/direction:desc
Remote Port	1694
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.1
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.145.128
Http Via	1.1 squid-proxy-5b5d847c96-56z77 (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.1
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.1
Unique Id	aO9XxEdDBR7PvsAwU2DsawAAAIw
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.1
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.1
Redirect Unique Id	aO9XxEdDBR7PvsAwU2DsawAAAIw
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.1
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.1
Redirect Redirect Unique Id	aO9XxEdDBR7PvsAwU2DsawAAAIw
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1760516036.8835
Request Time	1760516036

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php