Request History

4 previous requests available

• Restore to current request
• nvdreves/view/347591
• cvereves/view/402976
• nvdreves/view/328904
• nvdreves/view/42817

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page602
  • sortcveinfo_id
  • directiondesc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page602
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.cveinfo_iddesc
    • limit5
    • options(array)
      • page602
      • order(array)
        • Jvninfo.cveinfo_iddesc
      • sortcveinfo_id
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id3919
      • nameJVNDB-2016-004692
      • titleMicrosoft Windows 10 の Graphics Device Interface における任意のコードを実行される脆弱性
      • summaryMicrosoft Windows 10 の Graphics Device Interface (GDI) には、任意のコードを実行される、またはサービス運用妨害 (メモリ破損) 状態にされる脆弱性が存在します。
      • cveinfo_nameCVE-2016-3356
      • cveinfo_id89862
      • nvdinfo_nameCVE-2016-3356
      • nvdinfo_id19172
      • cvssv29.3
      • cvssv37.8
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004692.html
      • published_date2016-09-13
      • registered_date2016-09-15
      • last_updated_date2016-09-15
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id89862
      • nameCVE-2016-3043
      • statusCandidate
      • descriptionIBM Security Access Manager for Web could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques.
      • phaseAssigned (20160309)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id19172
      • nameCVE-2016-3356
      • descriptionThe Graphics Device Interface (GDI) in Microsoft Windows 10 1607 allows remote attackers to execute arbitrary code via a crafted document, aka "GDI Remote Code Execution Vulnerability."
      • reject(null)
      • CVSS_version2
      • CVSS_score9.3
      • severityHigh
      • CVSS_base_score9.3
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2016-09-14
      • modified_date2016-11-28
      • typeCVE
      • seq2016-3356
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id3918
      • nameJVNDB-2016-004691
      • title複数の Microsoft Windows 製品の Graphics Device Interface における権限昇格の脆弱性
      • summary複数の Microsoft Windows 製品の Graphics Device Interface (GDI) には、権限を取得される脆弱性が存在します。
      • cveinfo_nameCVE-2016-3355
      • cveinfo_id89861
      • nvdinfo_nameCVE-2016-3355
      • nvdinfo_id19171
      • cvssv27.2
      • cvssv37.8
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004691.html
      • published_date2016-09-13
      • registered_date2016-09-15
      • last_updated_date2016-09-15
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id89861
      • nameCVE-2016-3042
      • statusCandidate
      • descriptionCross-site scripting (XSS) vulnerability in the Web UI in IBM WebSphere Application Server (WAS) Liberty before 16.0.0.3 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving OpenID Connect clients.
      • phaseAssigned (20160309)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id19171
      • nameCVE-2016-3355
      • descriptionThe Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to gain privileges via a crafted application, aka "GDI Elevation of Privilege Vulnerability."
      • reject(null)
      • CVSS_version2
      • CVSS_score7.2
      • severityHigh
      • CVSS_base_score7.2
      • CVSS_impact_subscore10
      • CVSS_exploit_subscore3.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:L/Au:N/C:C/I:C/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2016-09-14
      • modified_date2016-11-28
      • typeCVE
      • seq2016-3355
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id3917
      • nameJVNDB-2016-004690
      • title複数の Microsoft Windows 製品の Graphics Device Interface における ASLR 保護メカニズムを回避される脆弱性
      • summary複数の Microsoft Windows 製品の Graphics Device Interface (GDI) には、ASLR 保護メカニズムを回避される脆弱性が存在します。
      • cveinfo_nameCVE-2016-3354
      • cveinfo_id89860
      • nvdinfo_nameCVE-2016-3354
      • nvdinfo_id19170
      • cvssv24.3
      • cvssv33.3
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004690.html
      • published_date2016-09-13
      • registered_date2016-09-15
      • last_updated_date2016-09-15
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id89860
      • nameCVE-2016-3041
      • statusCandidate
      • description** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
      • phaseAssigned (20160309)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id19170
      • nameCVE-2016-3354
      • descriptionThe Graphics Device Interface (GDI) in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "GDI Information Disclosure Vulnerability."
      • reject(null)
      • CVSS_version2
      • CVSS_score4.3
      • severityMedium
      • CVSS_base_score4.3
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:P/I:N/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2016-09-14
      • modified_date2016-11-28
      • typeCVE
      • seq2016-3354
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id3910
      • nameJVNDB-2016-004683
      • titleMicrosoft Internet Explorer 9 から 11 におけるアクセス制限を回避される脆弱性
      • summaryMicrosoft Internet Explorer 9 から 11 は、インターネットゾーンからの .url ファイルを誤って処理するため、アクセス制限を回避される脆弱性が存在します。
      • cveinfo_nameCVE-2016-3353
      • cveinfo_id89859
      • nvdinfo_nameCVE-2016-3353
      • nvdinfo_id19169
      • cvssv25.1
      • cvssv38.3
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004683.html
      • published_date2016-09-13
      • registered_date2016-09-15
      • last_updated_date2016-09-15
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id89859
      • nameCVE-2016-3040
      • statusCandidate
      • descriptionIBM WebSphere Application Server (WAS) Liberty, as used in IBM Security Privileged Identity Manager (ISPIM) Virtual Appliance 2.x before 2.0.2 FP8, allows remote authenticated users to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
      • phaseAssigned (20160309)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id19169
      • nameCVE-2016-3353
      • descriptionMicrosoft Internet Explorer 9 through 11 mishandles .url files from the Internet zone, which allows remote attackers to bypass intended access restrictions via a crafted file, aka "Internet Explorer Security Feature Bypass."
      • reject(null)
      • CVSS_version2
      • CVSS_score5.1
      • severityMedium
      • CVSS_base_score5.1
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore4.9
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:H/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2016-09-14
      • modified_date2016-11-28
      • typeCVE
      • seq2016-3353
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id3921
      • nameJVNDB-2016-004694
      • title複数の Microsoft Windows 製品におけるパスワードを特定される脆弱性
      • summaryMicrosoft Windows 8.1、Windows RT 8.1、および Windows 10 は、Microsoft Account (MSA) ログインの NT LAN Manager (NTLM) シングルサインオン (SSO) リクエストを適切に検証しないため、パスワードを特定される脆弱性が存在します。
      • cveinfo_nameCVE-2016-3352
      • cveinfo_id89858
      • nvdinfo_nameCVE-2016-3352
      • nvdinfo_id19168
      • cvssv24.3
      • cvssv38.8
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004694.html
      • published_date2016-09-13
      • registered_date2016-09-15
      • last_updated_date2016-09-15
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id89858
      • nameCVE-2016-3039
      • statusCandidate
      • descriptionIBM Traveler 8.x and 9.x before 9.0.1.12 allows remote authenticated users to read arbitrary files or cause a denial of service (memory consumption) via XML data containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
      • phaseAssigned (20160309)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id19168
      • nameCVE-2016-3352
      • descriptionMicrosoft Windows 8.1, Windows RT 8.1, and Windows 10 Gold, 1511, and 1607 do not properly check NTLM SSO requests for MSA logins, which makes it easier for remote attackers to determine passwords via a brute-force attack on NTLM password hashes, aka "Microsoft Information Disclosure Vulnerability."
      • reject(null)
      • CVSS_version2
      • CVSS_score4.3
      • severityMedium
      • CVSS_base_score4.3
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:P/I:N/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2016-09-14
      • modified_date2016-11-28
      • typeCVE
      • seq2016-3352
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Http Connection	close
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:602/sort:cveinfo_id/direction:desc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:602/sort:cveinfo_id/direction:desc
Remote Port	50770
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	13.59.156.144
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	13.59.156.144
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	13.59.156.144
Unique Id	aCpDQ689PvxDnhZocWT7QQAAAPg
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	13.59.156.144
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	13.59.156.144
Redirect Unique Id	aCpDQ689PvxDnhZocWT7QQAAAPg
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	13.59.156.144
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	13.59.156.144
Redirect Redirect Unique Id	aCpDQ689PvxDnhZocWT7QQAAAPg
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1747600195.1621
Request Time	1747600195

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php