Request History

4 previous requests available

• Restore to current request
• nvdreves/view/106973
• nvdreves/view/20618
• nvdinfos/index/page:658/sort:modified_date/direction:desc
• nvdreves/view/264700

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page568
  • sortcvssv2
  • directiondesc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page568
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.cvssv2desc
    • limit5
    • options(array)
      • page568
      • order(array)
        • Jvninfo.cvssv2desc
      • sortcvssv2
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id49279
      • nameJVNDB-2008-004589
      • titleHedgehog-CMS の includes/header.php におけるディレクトリトラバーサルの脆弱性
      • summaryHedgehog-CMS の includes/header.php には、ディレクトリトラバーサルの脆弱性が存在します。
      • cveinfo_nameCVE-2008-2898
      • cveinfo_id33011
      • nvdinfo_nameCVE-2008-2898
      • nvdinfo_id2792
      • cvssv29.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-004589.html
      • published_date2008-06-27
      • registered_date2012-09-25
      • last_updated_date2012-09-25
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id33011
      • nameCVE-2008-2894
      • statusCandidate
      • descriptionDirectory traversal vulnerability in the FTP client in NCH Software Classic FTP 1.02 for Windows allows remote FTP servers to create or overwrite arbitrary files via a .. (dot dot) in a response to a LIST command, a related issue to CVE-2002-1345.
      • phaseAssigned (20080627)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id2792
      • nameCVE-2008-2898
      • descriptionDirectory traversal vulnerability in includes/header.php in Hedgehog-CMS 1.21 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the c_temp_path parameter. NOTE: in some environments, this can be leveraged for remote file inclusion by using a UNC share pathname or an ftp, ftps, or ssh2.sftp URL.
      • reject(null)
      • CVSS_version2
      • CVSS_score9.3
      • severityHigh
      • CVSS_base_score9.3
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-03
      • published2008-06-27
      • modified_date2009-04-14
      • typeCVE
      • seq2008-2898
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id51839
      • nameJVNDB-2007-000502
      • titleMicrosoft .NET Framework の PE ローダにおけるバッファオーバーフローの脆弱性
      • summaryMicrosoft .NET Framework の PE ローダには、特定のメッセージ長を適切に検査しないために、バッファオーバーフローが発生する脆弱性が存在します。
      • cveinfo_nameCVE-2007-0041
      • cveinfo_id23396
      • nvdinfo_nameCVE-2007-0041
      • nvdinfo_id52274
      • cvssv29.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-000502.html
      • published_date2007-07-10
      • registered_date2007-07-18
      • last_updated_date2009-06-24
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id23396
      • nameCVE-2007-0039
      • statusCandidate
      • descriptionThe Exchange Collaboration Data Objects (EXCDO) functionality in Microsoft Exchange Server 2000 SP3, 2003 SP1 and SP2, and 2007 allows remote attackers to cause a denial of service (crash) via an Internet Calendar (iCal) file containing multiple X-MICROSOFT-CDO-MODPROPS (MODPROPS) properties in which the second MODPROPS is longer than the first, which triggers a NULL pointer dereference and an unhandled exception.
      • phaseAssigned (20070103)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id52274
      • nameCVE-2007-0041
      • descriptionThe PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths, probably a buffer overflow.
      • reject(null)
      • CVSS_version2
      • CVSS_score9.3
      • severityHigh
      • CVSS_base_score9.3
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-07
      • published2007-07-10
      • modified_date2012-10-30
      • typeCVE
      • seq2007-0041
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id52351
      • nameJVNDB-2007-001041
      • titleApple Mac OS X の ColorSync におけるメモリ破壊の脆弱性
      • summaryApple Mac OS X には、ColorSync プロファイルを読み込んだ画像ファイルの処理に不備があるために、メモリ破壊の脆弱性が存在します。
      • cveinfo_nameCVE-2007-4710
      • cveinfo_id28065
      • nvdinfo_nameCVE-2007-4710
      • nvdinfo_id56829
      • cvssv29.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-001041.html
      • published_date2007-12-19
      • registered_date2008-01-07
      • last_updated_date2008-01-07
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id28065
      • nameCVE-2007-4708
      • statusCandidate
      • descriptionFormat string vulnerability in Address Book in Apple Mac OS X 10.4.11 allows remote attackers to execute arbitrary code via the URL handler.
      • phaseAssigned (20070905)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id56829
      • nameCVE-2007-4710
      • descriptionUnspecified vulnerability in ColorSync in Apple Mac OS X 10.4.11 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via an image with a crafted ColorSync profile, which triggers memory corruption.
      • reject(null)
      • CVSS_version2
      • CVSS_score9.3
      • severityHigh
      • CVSS_base_score9.3
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-07
      • published2007-12-19
      • modified_date2011-03-07
      • typeCVE
      • seq2007-4710
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id62335
      • nameJVNDB-2005-000537
      • titleWebmin および Usermin における認証回避の脆弱性
      • summaryウェブベースの UNIX 用システム管理ツールである Webmin および Usermin には、PAM 認証を利用している場合、遠隔の第三者が、Webmin および Usermin の認証を回避できる脆弱性があります。
      • cveinfo_nameCVE-2005-3042
      • cveinfo_id14246
      • nvdinfo_nameCVE-2005-3042
      • nvdinfo_id68706
      • cvssv29.3
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2005/JVNDB-2005-000537.html
      • published_date2005-09-20
      • registered_date2007-04-01
      • last_updated_date2007-05-14
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id14246
      • nameCVE-2005-3040
      • statusCandidate
      • descriptionDirectory traversal vulnerability in the web interface (ISALogin.dll) for TAC Vista 4.0, and possibly other versions before 4.3, allows remote attackers to read arbitrary files via ".." sequences in the Template parameter.
      • phaseAssigned (20050922)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id68706
      • nameCVE-2005-3042
      • descriptionminiserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharacters (line feed or carriage return).
      • reject(null)
      • CVSS_version2
      • CVSS_score7.5
      • severityHigh
      • CVSS_base_score7.5
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-01-03
      • published2005-09-22
      • modified_date2011-03-07
      • typeCVE
      • seq2005-3042
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id65664
      • nameJVNDB-2017-002003
      • titleメディアサーバにおけるリモートでコードを実行される脆弱性
      • summaryメディアサーバには、リモートでコードを実行される脆弱性が存在します。
      • cveinfo_nameCVE-2017-0474
      • cveinfo_id(null)
      • nvdinfo_nameCVE-2017-0474
      • nvdinfo_id83084
      • cvssv29.3
      • cvssv37.8
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-002003.html
      • published_date2017-03-06
      • registered_date2017-03-27
      • last_updated_date2017-03-27
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified2017-04-28 16:25:13
    • Cveinfo(array)
      • id(null)
      • name(null)
      • status(null)
      • description(null)
      • phase(null)
      • votes(null)
      • comments(null)
      • deleted(null)
      • created(null)
      • modified(null)
    • Nvdinfo(array)
      • id83084
      • nameCVE-2017-0474
      • descriptionA remote code execution vulnerability in Mediaserver could enable an attacker using a specially crafted file to cause memory corruption during media file and data processing. This issue is rated as Critical due to the possibility of remote code execution within the context of the Mediaserver process. Product: Android. Versions: 7.0, 7.1.1. Android ID: A-32589224.
      • reject
      • CVSS_version2
      • CVSS_score9.3
      • severityHigh
      • CVSS_base_score9.3
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore8.6
      • nvd_xml_version
      • CVSS_vector(AV:N/AC:M/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-07-18
      • published2017-03-07
      • modified_date2017-07-17
      • typeCVE
      • seq2017-0474
      • deleted0000-00-00 00:00:00
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:568/sort:cvssv2/direction:desc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:568/sort:cvssv2/direction:desc
Remote Port	31412
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	3.145.201.156
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	3.145.201.156
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	3.145.201.156
Unique Id	aChdeapliwOF_HFFkOyaSgAAAWY
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	3.145.201.156
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	3.145.201.156
Redirect Unique Id	aChdeapliwOF_HFFkOyaSgAAAWY
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	3.145.201.156
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	3.145.201.156
Redirect Redirect Unique Id	aChdeapliwOF_HFFkOyaSgAAAWY
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1747475833.0273
Request Time	1747475833

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php