JVN/CVE Demo: Jvninfos

JVN List

Name	Title	Summary	Cveinfo	Cvssv2	Jvnurl	Published Date	Last Updated Date	Actions
JVNDB-2011-003409	HP ALM 内の getInstalledPackages 関数における権限を取得される脆弱性	AIX、HP-UX、および Solaris 上で稼働する HP Application Lifecycle Management (ALM) 内の getInstalledPackages 関数には、権限を取得される脆弱性が存在します。	CVE-2011-4834	4.6	http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003409.html	2011-12-15	2011-12-19	View
JVNDB-2007-003365	Kiwi CatTools における重要な情報を取得される脆弱性	Kiwi CatTools は、パスワード、アカウント名、および kiwidb-cattools.kdb 内の IP アドレスに弱い暗号化 ("可逆エンコーディング") を使用するため、重要な情報を取得される脆弱性が存在します。	CVE-2007-0889	4.6	http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003365.html	2007-02-12	2012-09-25	View
JVNDB-2007-006182	Zomplog の admin/upload_files.php における任意の PHP ファイルを実行される脆弱性	Zomplog の admin/upload_files.php は、ファイルをアップロードされることにより、任意の PHP ファイルを実行される脆弱性が存在します。	CVE-2007-5231	4.6	http://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-006182.html	2007-10-05	2012-12-20	View
JVNDB-2006-001036	Verity サードパーティライブラリにおける任意のコードを実行される脆弱性	Adobe ColdFusion MX およびその他の製品で使用される Verity サードパーティライブラリには、任意のコードを実行される脆弱性が存在します。	CVE-2006-3978	4.6	http://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-001036.html	2006-10-10	2012-06-26	View
JVNDB-2017-001789	Veritas NetBackup および NetBackup アプライアンスにおけるローカルで任意のコマンドを実行される脆弱性	Veritas NetBackup および NetBackup アプライアンスには、bpcd および bpnbat を使用する場合、ローカルで任意のコマンドを実行される脆弱性が存在します。	CVE-2017-6401	4.6	http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-001789.html	2017-02-28	2017-03-17	View

Page 4710 of 13768, showing 5 records out of 68839 total, starting on record 23546, ending on 23550

<<first <prev 4706 | 4707 | 4708 | 4709 | 4710 | 4711 | 4712 | 4713 | 4714 next> last>>

Actions

List NVD

History
+
Request History
4 previous requests available
====
Session
+
Session
- 0(null)
====
Request
+
Request

Cake Params
- plugin(null)
- controllerjvninfos
- actionindex
- named(array)
  page4710
  sortcvssv2
  directionasc
- pass(empty)
- paging(array)
  Jvninfo(array)
  page4710
  current5
  count68839
  prevPage(true)
  nextPage(true)
  pageCount13768
  order(array)
  Jvninfo.cvssv2asc
  limit5
  options(array)
  page4710
  order(array)
  Jvninfo.cvssv2asc
  sortcvssv2
  directionasc
  conditions(empty)
  paramTypenamed
Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route
- keys(array)
  0controller
  1action
- options(array)
  defaultRoute(true)
- defaults(array)
  plugin(null)
- template/:controller/:action/*
====
Sql Log
+

Sql Logs

default
No query logs.

====

Timer

+

Memory

Peak Memory Use 3.99 MB

Message	Memory use
Component initialization	1.39 MB
Controller action start	1.49 MB
Controller render start	2.28 MB
View render complete	2.78 MB

Timers

Total Request Time: 267 (ms)

Message	Time in ms	Graph
Core Processing (Derived from $_SERVER["REQUEST_TIME"])	3.07
Event: Controller.initialize	0.02
Event: Controller.startup	0.07
Controller action	247.50
Event: Controller.beforeRender	4.84
» Processing toolbar data	4.76
Rendering View	6.31
» Event: View.beforeRender	0.03
» Rendering APP/View/Jvninfos/index.ctp	5.42
» Event: View.afterRender	0.02
» Event: View.beforeLayout	0.02
» Rendering APP/View/Layouts/default.ctp	0.48
» » Rendering CORE/Cake/View/Elements/sql_dump.ctp	0.08
Event: View.afterLayout	0.00

====

Log
+

Logs

There were no log entries made this request

====
Variables
+
View Variables
- jvninfos(array)
  0(array)
  Jvninfo(array)
  id33169
  nameJVNDB-2011-003409
  titleHP ALM 内の getInstalledPackages 関数における権限を取得される脆弱性
  summaryAIX、HP-UX、および Solaris 上で稼働する HP Application Lifecycle Management (ALM) 内の getInstalledPackages 関数には、権限を取得される脆弱性が存在します。
  cveinfo_nameCVE-2011-4834
  cveinfo_id52741
  nvdinfo_nameCVE-2011-4834
  nvdinfo_id11172
  cvssv24.6
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-003409.html
  published_date2011-12-15
  registered_date2011-12-19
  last_updated_date2011-12-19
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id52741
  nameCVE-2011-4829
  statusCandidate
  descriptionSQL injection vulnerability in the com_listing component in Barter Sites component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the category_id parameter to index.php.
  phaseAssigned (20111214)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id11172
  nameCVE-2011-4834
  descriptionThe GetInstalledPackages function in the configuration tool in HP Application Lifestyle Management (ALM) 11 on AIX, HP-UX, and Solaris allows local users to gain privileges via (1) a Trojan horse /tmp/tmp.txt FIFO or (2) a symlink attack on /tmp/tmp.txt.
  reject(null)
  CVSS_version2
  CVSS_score4.6
  severityMedium
  CVSS_base_score4.6
  CVSS_impact_subscore6.4
  CVSS_exploit_subscore3.9
  nvd_xml_version(null)
  CVSS_vector(AV:L/AC:L/Au:N/C:P/I:P/A:P)
  sourcecve
  pub_date2017-01-07
  published2011-12-14
  modified_date2011-12-15
  typeCVE
  seq2011-4834
  deleted(null)
  created(null)
  modified(null)
  1(array)
  Jvninfo(array)
  id54673
  nameJVNDB-2007-003365
  titleKiwi CatTools における重要な情報を取得される脆弱性
  summaryKiwi CatTools は、パスワード、アカウント名、および kiwidb-cattools.kdb 内の IP アドレスに弱い暗号化 ("可逆エンコーディング") を使用するため、重要な情報を取得される脆弱性が存在します。
  cveinfo_nameCVE-2007-0889
  cveinfo_id24244
  nvdinfo_nameCVE-2007-0889
  nvdinfo_id53105
  cvssv24.6
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003365.html
  published_date2007-02-12
  registered_date2012-09-25
  last_updated_date2012-09-25
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id24244
  nameCVE-2007-0887
  statusCandidate
  descriptionaxigen 1.2.6 through 2.0.0b1 does not properly parse login credentials, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a base64-encoded "*x00" sequence on the imap port (143/tcp).
  phaseAssigned (20070212)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id53105
  nameCVE-2007-0889
  descriptionKiwi CatTools before 3.2.0 beta uses weak encryption ("reversible encoding") for passwords, account names, and IP addresses in kiwidb-cattools.kdb, which might allow local users to gain sensitive information by decrypting the file. NOTE: this issue could be leveraged with a directory traversal vulnerability for a remote attack vector.
  reject(null)
  CVSS_version2
  CVSS_score4.6
  severityMedium
  CVSS_base_score4.6
  CVSS_impact_subscore6.4
  CVSS_exploit_subscore3.9
  nvd_xml_version(null)
  CVSS_vector(AV:L/AC:L/Au:N/C:P/I:P/A:P)
  sourcecve
  pub_date2017-01-07
  published2007-02-12
  modified_date2008-11-15
  typeCVE
  seq2007-0889
  deleted(null)
  created(null)
  modified(null)
  2(array)
  Jvninfo(array)
  id57490
  nameJVNDB-2007-006182
  titleZomplog の admin/upload_files.php における任意の PHP ファイルを実行される脆弱性
  summaryZomplog の admin/upload_files.php は、ファイルをアップロードされることにより、任意の PHP ファイルを実行される脆弱性が存在します。
  cveinfo_nameCVE-2007-5231
  cveinfo_id28586
  nvdinfo_nameCVE-2007-5231
  nvdinfo_id57307
  cvssv24.6
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-006182.html
  published_date2007-10-05
  registered_date2012-12-20
  last_updated_date2012-12-20
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id28586
  nameCVE-2007-5229
  statusCandidate
  descriptionCross-site request forgery (CSRF) vulnerability in the FeedBurner FeedSmith 2.2 plugin for WordPress allows remote attackers to change settings and hijack blog feeds via a request to wp-admin/options-general.php that submits parameter values to FeedBurner_FeedSmith_Plugin.php, as demonstrated by the (1) feedburner_url and (2) feedburner_comments_url parameters.
  phaseAssigned (20071005)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id57307
  nameCVE-2007-5231
  descriptionUnrestricted file upload vulnerability in admin/upload_files.php in Zomplog 3.8.1 and earlier allows remote authenticated administrators to upload and execute arbitrary .php files by sending a modified MIME type. NOTE: this can be exploited by unauthenticated attackers by leveraging CVE-2007-5230.
  reject(null)
  CVSS_version2
  CVSS_score4.6
  severityMedium
  CVSS_base_score4.6
  CVSS_impact_subscore6.4
  CVSS_exploit_subscore3.9
  nvd_xml_version(null)
  CVSS_vector(AV:N/AC:H/Au:S/C:P/I:P/A:P)
  sourcecve
  pub_date2017-01-07
  published2007-10-05
  modified_date2008-09-05
  typeCVE
  seq2007-5231
  deleted(null)
  created(null)
  modified(null)
  3(array)
  Jvninfo(array)
  id58770
  nameJVNDB-2006-001036
  titleVerity サードパーティライブラリにおける任意のコードを実行される脆弱性
  summaryAdobe ColdFusion MX およびその他の製品で使用される Verity サードパーティライブラリには、任意のコードを実行される脆弱性が存在します。
  cveinfo_nameCVE-2006-3978
  cveinfo_id20080
  nvdinfo_nameCVE-2006-3978
  nvdinfo_id62636
  cvssv24.6
  cvssv3(null)
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2006/JVNDB-2006-001036.html
  published_date2006-10-10
  registered_date2012-06-26
  last_updated_date2012-06-26
  deleted(null)
  created0000-00-00 00:00:00
  modified(null)
  Cveinfo(array)
  id20080
  nameCVE-2006-3976
  statusCandidate
  descriptionUnspecified vulnerability in CA eTrust Antivirus WebScan before 1.1.0.1048 allows remote attackers to install arbitrary files.
  phaseAssigned (20060802)
  votesNone (candidate not yet proposed)
  comments(null)
  deleted(null)
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
  Nvdinfo(array)
  id62636
  nameCVE-2006-3978
  descriptionUnspecified vulnerability in a Verity third party library, as used on Adobe ColdFusion MX 7 through MX 7.0.2 and possibly other products, allows local users to execute arbitrary code via unknown attack vectors.
  reject(null)
  CVSS_version2
  CVSS_score4.6
  severityMedium
  CVSS_base_score4.6
  CVSS_impact_subscore6.4
  CVSS_exploit_subscore3.9
  nvd_xml_version(null)
  CVSS_vector(AV:L/AC:L/Au:N/C:P/I:P/A:P)
  sourcecve
  pub_date2016-12-20
  published2006-10-10
  modified_date2011-03-07
  typeCVE
  seq2006-3978
  deleted(null)
  created(null)
  modified(null)
  4(array)
  Jvninfo(array)
  id65426
  nameJVNDB-2017-001789
  titleVeritas NetBackup および NetBackup アプライアンスにおけるローカルで任意のコマンドを実行される脆弱性
  summaryVeritas NetBackup および NetBackup アプライアンスには、bpcd および bpnbat を使用する場合、ローカルで任意のコマンドを実行される脆弱性が存在します。
  cveinfo_nameCVE-2017-6401
  cveinfo_id(null)
  nvdinfo_nameCVE-2017-6401
  nvdinfo_id83328
  cvssv24.6
  cvssv37.8
  jvnurlhttp://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-001789.html
  published_date2017-02-28
  registered_date2017-03-17
  last_updated_date2017-03-17
  deleted(null)
  created0000-00-00 00:00:00
  modified2017-03-30 11:18:52
  Cveinfo(array)
  id(null)
  name(null)
  status(null)
  description(null)
  phase(null)
  votes(null)
  comments(null)
  deleted(null)
  created(null)
  modified(null)
  Nvdinfo(array)
  id83328
  nameCVE-2017-6401
  descriptionAn issue was discovered in Veritas NetBackup before 8.0 and NetBackup Appliance before 3.0. Local arbitrary command execution can occur when using bpcd and bpnbat.
  reject
  CVSS_version2
  CVSS_score4.6
  severityMedium
  CVSS_base_score4.6
  CVSS_impact_subscore6.4
  CVSS_exploit_subscore3.9
  nvd_xml_version
  CVSS_vector(AV:L/AC:L/Au:N/C:P/I:P/A:P)
  sourcecve
  pub_date2017-03-18
  published2017-03-02
  modified_date2017-03-06
  typeCVE
  seq2017-6401
  deleted0000-00-00 00:00:00
  created0000-00-00 00:00:00
  modified0000-00-00 00:00:00
- $request->data(empty)
- $this->validationErrors(array)
  Jvninfo(empty)
  Cveinfo(empty)
  Nvdinfo(empty)
- Loaded Helpers(array)
  0Number
  1SimpleGraph
  2Paginator
  3DebugTimer
  4Toolbar
  5Html
  6Text
  7Form
  8Session
  9HtmlToolbar
====

+

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:4710/sort:cvssv2/direction:asc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:4710/sort:cvssv2/direction:asc
Remote Port	17516
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.223
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.148.26
Http Via	1.1 squid-proxy-5b5d847c96-7f7gz (squid/6.13)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	/
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.223
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.223
Unique Id	aOI-D5Lr36-qfLo2IMQAhAAAAbE
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.223
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.223
Redirect Unique Id	aOI-D5Lr36-qfLo2IMQAhAAAAbE
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.223
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.223
Redirect Redirect Unique Id	aOI-D5Lr36-qfLo2IMQAhAAAAbE
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1759657487.6543
Request Time	1759657487

====

Include
+
Included Files

Include Paths
- 0/virtual/inogo77/public_html/jvn/lib
- 2/opt/remi/php56/root/usr/share/pear
- 3/opt/remi/php56/root/usr/share/php
- 4/usr/share/pear
- 5/usr/share/php
- 6-> /virtual/inogo77/public_html/jvn/lib/Cake/
Included Files
- core(array)
  Cache(array)
  0CORE/Cache/Cache.php
  1CORE/Cache/Engine/FileEngine.php
  2CORE/Cache/CacheEngine.php
  Component(array)
  0CORE/Controller/Component/SessionComponent.php
  1CORE/Controller/Component/PaginatorComponent.php
  Config(array)
  0CORE/Config/routes.php
  1CORE/Config/config.php
  Controller(array)
  0CORE/Controller/Controller.php
  1CORE/Controller/ComponentCollection.php
  2CORE/Controller/Component.php
  Datasource(array)
  0CORE/Model/Datasource/CakeSession.php
  1CORE/Model/Datasource/Database/Mysql.php
  2CORE/Model/Datasource/DboSource.php
  3CORE/Model/Datasource/DataSource.php
  Error(array)
  0CORE/Error/exceptions.php
  1CORE/Error/ErrorHandler.php
  I18n(array)
  0CORE/I18n/I18n.php
  1CORE/I18n/L10n.php
  Log(array)
  0CORE/Log/CakeLog.php
  1CORE/Log/LogEngineCollection.php
  2CORE/Log/Engine/FileLog.php
  3CORE/Log/Engine/BaseLog.php
  4CORE/Log/CakeLogInterface.php
  Model(array)
  0CORE/Model/Model.php
  1CORE/Model/BehaviorCollection.php
  2CORE/Model/ConnectionManager.php
  Network(array)
  0CORE/Network/CakeRequest.php
  1CORE/Network/CakeResponse.php
  Other(array)
  0CORE/bootstrap.php
  1CORE/basics.php
  2CORE/Core/App.php
  3CORE/Core/Configure.php
  4CORE/Core/CakePlugin.php
  5CORE/Event/CakeEventListener.php
  6CORE/Event/CakeEvent.php
  7CORE/Event/CakeEventManager.php
  8CORE/Core/Object.php
  Routing(array)
  0CORE/Routing/Dispatcher.php
  1CORE/Routing/Filter/AssetDispatcher.php
  2CORE/Routing/DispatcherFilter.php
  3CORE/Routing/Filter/CacheDispatcher.php
  4CORE/Routing/Router.php
  5CORE/Routing/Route/CakeRoute.php
  6CORE/Routing/Route/PluginShortRoute.php
  Utility(array)
  0CORE/Utility/Hash.php
  1CORE/Utility/Inflector.php
  2CORE/Utility/ObjectCollection.php
  3CORE/Utility/Debugger.php
  4CORE/Utility/String.php
  5CORE/Utility/ClassRegistry.php
  View(array)
  0CORE/View/HelperCollection.php
- app(array)
  Component(array)
  0APP/Controller/Component/CommonComponent.php
  Config(array)
  0APP/Config/core.php
  1APP/Config/bootstrap.php
  2APP/Config/routes.php
  3APP/Config/database.php
  Controller(array)
  0APP/Controller/JvninfosController.php
  1APP/Controller/AppController.php
  Model(array)
  0APP/Model/Jvninfo.php
  1APP/Model/AppModel.php
  2APP/Model/Cveinfo.php
  3APP/Model/Nvdinfo.php
  Other(array)
  0APP/webroot/index.php
- plugins(array)
  DebugKit(array)
  Component(array)
  0DebugKit/Controller/Component/ToolbarComponent.php
  Other(array)
  0DebugKit/Lib/DebugMemory.php
  1DebugKit/Lib/Panel/HistoryPanel.php
  2DebugKit/Lib/DebugPanel.php
  3DebugKit/Lib/Panel/SessionPanel.php
  4DebugKit/Lib/Panel/RequestPanel.php
  5DebugKit/Lib/Panel/SqlLogPanel.php
  6DebugKit/Lib/Panel/TimerPanel.php
  7DebugKit/Lib/Panel/LogPanel.php
  8DebugKit/Lib/Panel/VariablesPanel.php
  9DebugKit/Lib/Panel/EnvironmentPanel.php
  10DebugKit/Lib/Panel/IncludePanel.php
  11DebugKit/Lib/DebugTimer.php
  Log(array)
  0DebugKit/Lib/Log/Engine/DebugKitLog.php
====