Request History

4 previous requests available

• Restore to current request
• cvereves/view/428802
• cvereves/view/68406
• jvninfos/index/page:13532/sort:title/direction:desc/Jvninfos:cveinfos
• nvdinfos/view/74278

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page4602
  • sortpublished_date
  • directiondesc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page4602
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.published_datedesc
    • limit5
    • options(array)
      • page4602
      • order(array)
        • Jvninfo.published_datedesc
      • sortpublished_date
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id12594
      • nameJVNDB-2014-001469
      • titleCatfish における権限を取得される脆弱性
      • summaryCatfish には、検索パスに関する処理に不備があるため、権限を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2014-2096
      • cveinfo_id69383
      • nvdinfo_nameCVE-2014-2096
      • nvdinfo_id30578
      • cvssv24.6
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001469.html
      • published_date2014-02-24
      • registered_date2014-02-27
      • last_updated_date2014-03-14
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id69383
      • nameCVE-2014-2088
      • statusCandidate
      • descriptionUnrestricted file upload vulnerability in ilias.php in ILIAS 4.4.1 allows remote authenticated users to execute arbitrary PHP code by using a .php filename in an upload_files action to the uploadFiles command, and then accessing the .php file via a direct request to a certain client_id pathname.
      • phaseAssigned (20140224)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id30578
      • nameCVE-2014-2096
      • descriptionUntrusted search path vulnerability in Catfish 0.6.0 through 1.0.0 allows local users to gain privileges via a Trojan horse bin/catfish.py under the current working directory.
      • reject(null)
      • CVSS_version2
      • CVSS_score4.6
      • severityMedium
      • CVSS_base_score4.6
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore3.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:L/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2014-02-26
      • modified_date2014-03-11
      • typeCVE
      • seq2014-2096
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id12629
      • nameJVNDB-2014-001504
      • titleRed Hat JBoss Enterprise Application Platform のセキュリティ監査機能におけるパスワードを取得される脆弱性
      • summaryRed Hat JBoss Enterprise Application Platform (EAP) のセキュリティ監査機能は、リクエストパラメータのログを平文で記録するため、パスワードを取得される脆弱性が存在します。
      • cveinfo_nameCVE-2014-0058
      • cveinfo_id67459
      • nvdinfo_nameCVE-2014-0058
      • nvdinfo_id29001
      • cvssv21.9
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001504.html
      • published_date2014-02-24
      • registered_date2014-03-03
      • last_updated_date2015-01-28
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id67459
      • nameCVE-2014-0050
      • statusCandidate
      • descriptionMultipartStream.java in Apache Commons FileUpload before 1.3.1, as used in Apache Tomcat, JBoss Web, and other products, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted Content-Type header that bypasses a loop"s intended exit conditions.
      • phaseAssigned (20131203)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id29001
      • nameCVE-2014-0058
      • descriptionThe security audit functionality in Red Hat JBoss Enterprise Application Platform (EAP) 6.x before 6.2.1 logs request parameters in plaintext, which might allow local users to obtain passwords by reading the log files.
      • reject(null)
      • CVSS_version2
      • CVSS_score1.9
      • severityLow
      • CVSS_base_score1.9
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore3.4
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:M/Au:N/C:P/I:N/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2014-02-26
      • modified_date2017-01-06
      • typeCVE
      • seq2014-0058
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id12630
      • nameJVNDB-2014-001505
      • titleMcAfee ePolicy Orchestrator の Import and Export Framework における任意のファイルを読まれる脆弱性
      • summaryMcAfee ePolicy Orchestrator (ePO) の Import and Export Framework には、任意のファイルを読まれる脆弱性が存在します。
      • cveinfo_nameCVE-2014-2205
      • cveinfo_id69492
      • nvdinfo_nameCVE-2014-2205
      • nvdinfo_id30674
      • cvssv26.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-001505.html
      • published_date2014-02-24
      • registered_date2014-03-03
      • last_updated_date2014-03-03
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id69492
      • nameCVE-2014-2197
      • statusCandidate
      • descriptionThe Administration GUI in the web framework in Cisco Unified Communications Domain Manager (CDM) in Unified CDM Application Software before 8.1.4 does not properly implement access control, which allows remote authenticated users to modify administrative credentials via a crafted URL, aka Bug ID CSCun49862.
      • phaseAssigned (20140225)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id30674
      • nameCVE-2014-2205
      • descriptionThe Import and Export Framework in McAfee ePolicy Orchestrator (ePO) before 4.6.7 Hotfix 940148 allows remote authenticated users with permissions to add dashboards to read arbitrary files by importing a crafted XML file, related to an XML External Entity (XXE) issue.
      • reject(null)
      • CVSS_version2
      • CVSS_score6.3
      • severityMedium
      • CVSS_base_score6.3
      • CVSS_impact_subscore6.9
      • CVSS_exploit_subscore6.8
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:S/C:C/I:N/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2014-02-26
      • modified_date2014-03-05
      • typeCVE
      • seq2014-2205
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id18779
      • nameJVNDB-2014-007654
      • titleSendy の /app における SQL インジェクションの脆弱性
      • summarySendy の /app には、SQL インジェクションの脆弱性が存在します。
      • cveinfo_nameCVE-2014-100012
      • cveinfo_id68415
      • nvdinfo_nameCVE-2014-100012
      • nvdinfo_id29833
      • cvssv27.5
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007654.html
      • published_date2014-02-24
      • registered_date2015-01-19
      • last_updated_date2015-01-19
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id68415
      • nameCVE-2014-100005
      • statusCandidate
      • descriptionMultiple cross-site request forgery (CSRF) vulnerabilities in D-Link DIR-600 router (rev. Bx) with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator account or (2) enable remote management via a crafted configuration module to hedwig.cgi, (3) activate new configuration settings via a SETCFG,SAVE,ACTIVATE action to pigwidgeon.cgi, or (4) send a ping via a ping action to diagnostic.php.
      • phaseAssigned (20150113)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id29833
      • nameCVE-2014-100012
      • descriptionSQL injection vulnerability in /app in Sendy 1.1.8.4 allows remote attackers to execute arbitrary SQL commands via the i parameter.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.5
      • severityHigh
      • CVSS_base_score7.5
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2015-01-13
      • modified_date2015-01-14
      • typeCVE
      • seq2014-100012
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id18781
      • nameJVNDB-2014-007656
      • titleSavsoft Quiz の index.php/user_data/insert_user におけるクロスサイトリクエストフォージェリの脆弱性
      • summarySavsoft Quiz の index.php/user_data/insert_user には、クロスサイトリクエストフォージェリの脆弱性が存在します。
      • cveinfo_nameCVE-2014-100025
      • cveinfo_id68429
      • nvdinfo_nameCVE-2014-100025
      • nvdinfo_id29847
      • cvssv26.8
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-007656.html
      • published_date2014-02-24
      • registered_date2015-01-19
      • last_updated_date2015-01-19
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id68429
      • nameCVE-2014-100018
      • statusCandidate
      • descriptionCross-site scripting (XSS) vulnerability in the Unconfirmed plugin before 1.2.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the s parameter in the unconfirmed page to wp-admin/network/users.php.
      • phaseAssigned (20150113)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id29847
      • nameCVE-2014-100025
      • descriptionCross-site request forgery (CSRF) vulnerability in index.php/user_data/insert_user in Savsoft Quiz allows remote attackers to hijack the authentication of administrators for requests that create an administrator account via a crafted request.
      • reject(null)
      • CVSS_version2
      • CVSS_score6.8
      • severityMedium
      • CVSS_base_score6.8
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2015-01-13
      • modified_date2015-01-29
      • typeCVE
      • seq2014-100025
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:4602/sort:published_date/direction:desc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:4602/sort:published_date/direction:desc
Remote Port	61486
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.55
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.2.12.50
Http Via	1.1 squid-proxy-5b5d847c96-8pn8c (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Suspectharddos	1
Suspectdos	1
X Dostranslated Ip	216.73.216.55
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.55
Unique Id	aN_UrYVUa1jW0ymwdDMJsgAAAVc
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Suspectharddos	1
Redirect Suspectdos	1
Redirect X Dostranslated Ip	216.73.216.55
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.55
Redirect Unique Id	aN_UrYVUa1jW0ymwdDMJsgAAAVc
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect Suspectharddos	1
Redirect Redirect Suspectdos	1
Redirect Redirect X Dostranslated Ip	216.73.216.55
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.55
Redirect Redirect Unique Id	aN_UrYVUa1jW0ymwdDMJsgAAAVc
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1759499437.2792
Request Time	1759499437

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php