Request History

4 previous requests available

• Restore to current request
• nvdinfos/index/page:15969/sort:id/direction:desc
• jvninfos/index/page:11278/sort:published_date/direction:asc
• cvereves/view/749524
• cvereves/view/234380

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page4274
  • sortcveinfo_id
  • directiondesc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page4274
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.cveinfo_iddesc
    • limit5
    • options(array)
      • page4274
      • order(array)
        • Jvninfo.cveinfo_iddesc
      • sortcveinfo_id
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id24917
      • nameJVNDB-2013-006492
      • titleSimpleGeo python-oauth2 の Server.verify_request 関数における反射攻撃を実行される脆弱性
      • summarySimpleGeo python-oauth2 の Server.verify_request 関数は、nonce をチェックしないため、反射攻撃 (リプレイアタック) を実行される脆弱性が存在します。
      • cveinfo_nameCVE-2013-4346
      • cveinfo_id64288
      • nvdinfo_nameCVE-2013-4346
      • nvdinfo_id39965
      • cvssv24.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-006492.html
      • published_date2013-02-05
      • registered_date2014-05-22
      • last_updated_date2014-05-22
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id64288
      • nameCVE-2013-4341
      • statusCandidate
      • descriptionMultiple cross-site scripting (XSS) vulnerabilities in Moodle through 2.2.11, 2.3.x before 2.3.9, 2.4.x before 2.4.6, and 2.5.x before 2.5.2 allow remote attackers to inject arbitrary web script or HTML via a crafted blog link within an RSS feed.
      • phaseAssigned (20130612)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id39965
      • nameCVE-2013-4346
      • descriptionThe Server.verify_request function in SimpleGeo python-oauth2 does not check the nonce, which allows remote attackers to perform replay attacks via a signed URL.
      • reject(null)
      • CVSS_version2
      • CVSS_score4.3
      • severityMedium
      • CVSS_base_score4.3
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:N/I:P/A:N)
      • sourcecve
      • pub_date2017-01-18
      • published2014-05-20
      • modified_date2016-11-28
      • typeCVE
      • seq2013-4346
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id23016
      • nameJVNDB-2013-004591
      • titleLinux Kernel の crypto/ansi_cprng.c の get_prng_bytes 関数における暗号保護メカニズムを破られる脆弱性
      • summaryLinux Kernel の crypto/ansi_cprng.c の get_prng_bytes 関数には、一つずれエラー (Off-by-One error) により、暗号保護メカニズムを破られる脆弱性が存在します。
      • cveinfo_nameCVE-2013-4345
      • cveinfo_id64287
      • nvdinfo_nameCVE-2013-4345
      • nvdinfo_id39964
      • cvssv25.8
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004591.html
      • published_date2013-09-17
      • registered_date2013-10-11
      • last_updated_date2014-02-18
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id64287
      • nameCVE-2013-4340
      • statusCandidate
      • descriptionwp-admin/includes/post.php in WordPress before 3.6.1 allows remote authenticated users to spoof the authorship of a post by leveraging the Author role and providing a modified user_ID parameter.
      • phaseAssigned (20130612)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id39964
      • nameCVE-2013-4345
      • descriptionOff-by-one error in the get_prng_bytes function in crypto/ansi_cprng.c in the Linux kernel through 3.11.4 makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms via multiple requests for small amounts of data, leading to improper management of the state of the consumed data.
      • reject(null)
      • CVSS_version2
      • CVSS_score5.8
      • severityMedium
      • CVSS_base_score5.8
      • CVSS_impact_subscore4.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:P/I:P/A:N)
      • sourcecve
      • pub_date2017-01-18
      • published2013-10-10
      • modified_date2016-03-31
      • typeCVE
      • seq2013-4345
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id22958
      • nameJVNDB-2013-004533
      • titleXen で使用される QEMU の SCSI の実装におけるバッファオーバーフローの脆弱性
      • summaryXen で使用される QEMU の SCSI の実装には、SCSI コントローラに256以上のデバイス接続がある場合、バッファオーバーフローの脆弱性が存在します。
      • cveinfo_nameCVE-2013-4344
      • cveinfo_id64286
      • nvdinfo_nameCVE-2013-4344
      • nvdinfo_id39963
      • cvssv26
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004533.html
      • published_date2013-10-02
      • registered_date2013-10-09
      • last_updated_date2014-02-18
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id64286
      • nameCVE-2013-4339
      • statusCandidate
      • descriptionWordPress before 3.6.1 does not properly validate URLs before use in an HTTP redirect, which allows remote attackers to bypass intended redirection restrictions via a crafted string.
      • phaseAssigned (20130612)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id39963
      • nameCVE-2013-4344
      • descriptionBuffer overflow in the SCSI implementation in QEMU, as used in Xen, when a SCSI controller has more than 256 attached devices, allows local users to gain privileges via a small transfer buffer in a REPORT LUNS command.
      • reject(null)
      • CVSS_version2
      • CVSS_score6
      • severityMedium
      • CVSS_base_score6
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore1.5
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:H/Au:S/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-18
      • published2013-10-04
      • modified_date2015-11-20
      • typeCVE
      • seq2013-4344
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id22749
      • nameJVNDB-2013-004324
      • titleLinux Kernel の drivers/net/tun.c における権限を取得される脆弱性
      • summaryLinux Kernel の drivers/net/tun.c には、解放済みメモリの使用 (Use-after-free) により、権限を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2013-4343
      • cveinfo_id64285
      • nvdinfo_nameCVE-2013-4343
      • nvdinfo_id39962
      • cvssv26.9
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004324.html
      • published_date2013-09-11
      • registered_date2013-09-27
      • last_updated_date2014-01-09
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id64285
      • nameCVE-2013-4338
      • statusCandidate
      • descriptionwp-includes/functions.php in WordPress before 3.6.1 does not properly determine whether data has been serialized, which allows remote attackers to execute arbitrary code by triggering erroneous PHP unserialize operations.
      • phaseAssigned (20130612)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id39962
      • nameCVE-2013-4343
      • descriptionUse-after-free vulnerability in drivers/net/tun.c in the Linux kernel through 3.11.1 allows local users to gain privileges by leveraging the CAP_NET_ADMIN capability and providing an invalid tuntap interface name in a TUNSETIFF ioctl call.
      • reject(null)
      • CVSS_version2
      • CVSS_score6.9
      • severityMedium
      • CVSS_base_score6.9
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore3.4
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:M/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-18
      • published2013-09-25
      • modified_date2014-01-03
      • typeCVE
      • seq2013-4343
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id23009
      • nameJVNDB-2013-004584
      • titlexinetd における権限を取得される脆弱性
      • summaryxinetd は、TCPMUX サービスのユーザおよびグループ設定のディレクティブを適用しないため、これらのサービスがルートとして実行される原因となり、権限を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2013-4342
      • cveinfo_id64284
      • nvdinfo_nameCVE-2013-4342
      • nvdinfo_id39961
      • cvssv27.6
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-004584.html
      • published_date2013-10-02
      • registered_date2013-10-11
      • last_updated_date2013-10-11
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id64284
      • nameCVE-2013-4337
      • statusCandidate
      • description** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-5965. Reason: This candidate is a duplicate of CVE-2013-5965. Notes: All CVE users should reference CVE-2013-5965 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
      • phaseAssigned (20130612)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id39961
      • nameCVE-2013-4342
      • descriptionxinetd does not enforce the user and group configuration directives for TCPMUX services, which causes these services to be run as root and makes it easier for remote attackers to gain privileges by leveraging another vulnerability in a service.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.6
      • severityHigh
      • CVSS_base_score7.6
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore4.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:H/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-18
      • published2013-10-09
      • modified_date2013-10-10
      • typeCVE
      • seq2013-4342
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:4274/sort:cveinfo_id/direction:desc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:4274/sort:cveinfo_id/direction:desc
Remote Port	44791
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.223
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.148.26
Http Via	1.1 squid-proxy-5b5d847c96-7f7gz (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.223
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.223
Unique Id	aOKCAy7ZSBONaVcyiAyvUQAAADo
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.223
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.223
Redirect Unique Id	aOKCAy7ZSBONaVcyiAyvUQAAADo
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.223
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.223
Redirect Redirect Unique Id	aOKCAy7ZSBONaVcyiAyvUQAAADo
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1759674883.8366
Request Time	1759674883

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php