Request History

4 previous requests available

• Restore to current request
• cvereves/view/796187
• cvereves/view/143808
• jvninfos/view/8586
• nvdinfos/view/8686

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page692
  • sorttitle
  • directiondesc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page692
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.titledesc
    • limit5
    • options(array)
      • page692
      • order(array)
        • Jvninfo.titledesc
      • sorttitle
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id3576
      • nameJVNDB-2016-004349
      • title特定の カスタム PHP の設定で使用される GD Graphics Library の gd_xbm.c におけるプロセスメモリから重要な情報を取得される脆弱性
      • summary特定の カスタム PHP の設定で使用される GD Graphics Library (別名 libgd) の gd_xbm.c には、プロセスメモリから重要な情報を取得される、またはサービス運用妨害 (スタックベースのバッファアンダーリードおよびアプリケーションクラッシュ) 状態にされる脆弱性が存在します。
      • cveinfo_nameCVE-2016-5116
      • cveinfo_id91622
      • nvdinfo_nameCVE-2016-5116
      • nvdinfo_id20462
      • cvssv26.4
      • cvssv39.1
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-004349.html
      • published_date2016-05-13
      • registered_date2016-08-17
      • last_updated_date2016-11-21
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id91622
      • nameCVE-2016-4803
      • statusCandidate
      • descriptionCRLF injection vulnerability in the send email functionality in dotCMS before 3.3.2 allows remote attackers to inject arbitrary email headers via CRLF sequences in the subject.
      • phaseAssigned (20160513)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id20462
      • nameCVE-2016-5116
      • descriptiongd_xbm.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in certain custom PHP 5.5.x configurations, allows context-dependent attackers to obtain sensitive information from process memory or cause a denial of service (stack-based buffer under-read and application crash) via a long name.
      • reject(null)
      • CVSS_version2
      • CVSS_score6.4
      • severityMedium
      • CVSS_base_score6.4
      • CVSS_impact_subscore4.9
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:P/I:N/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2016-08-07
      • modified_date2016-11-28
      • typeCVE
      • seq2016-5116
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id55183
      • nameJVNDB-2007-003875
      • title特定の Sun-Brocade SilkWorm スイッチの Linux kernel におけるサービス運用妨害 (DoS) の脆弱性
      • summary特定の Sun-Brocade SilkWorm スイッチの組込み型 Linux kernel は、ルート以外のユーザがカーネルプロセスを作成する状況を適切に処理しないため、サービス運用妨害 (oops およびデバイスリブート) 状態となる脆弱性が存在します。
      • cveinfo_nameCVE-2007-2764
      • cveinfo_id26119
      • nvdinfo_nameCVE-2007-2764
      • nvdinfo_id54928
      • cvssv27.8
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2007/JVNDB-2007-003875.html
      • published_date2007-05-18
      • registered_date2012-09-25
      • last_updated_date2012-09-25
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id26119
      • nameCVE-2007-2762
      • statusCandidate
      • descriptionMultiple PHP remote file inclusion vulnerabilities in Build it Fast (bif3) 0.4.1 allow remote attackers to execute arbitrary PHP code via a URL in (1) the pear_dir parameter to Base/Application.php, or the (2) sys_dir parameter to (a) Footer.php, (b) widget.BifContainer.php, (c) widget.BifRoot.php, (d) widget.BifRoot2.php, (e) widget.BifRoot3.php, or (f) widget.BifWarning.php in Widgets/Base/.
      • phaseAssigned (20070518)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id54928
      • nameCVE-2007-2764
      • descriptionThe embedded Linux kernel in certain Sun-Brocade SilkWorm switches before 20070516 does not properly handle a situation in which a non-root user creates a kernel process, which allows attackers to cause a denial of service (oops and device reboot) via unspecified vectors.
      • reject(null)
      • CVSS_version2
      • CVSS_score7.8
      • severityHigh
      • CVSS_base_score7.8
      • CVSS_impact_subscore6.9
      • CVSS_exploit_subscore10
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:L/Au:N/C:N/I:N/A:C)
      • sourcecve
      • pub_date2017-01-07
      • published2007-05-18
      • modified_date2009-06-02
      • typeCVE
      • seq2007-2764
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id64479
      • nameJVNDB-2017-001051
      • title特定の Samsung Android デバイスのソフトウェア Android OS の system_server プロセスにおけるサービス運用妨害 (DoS) の脆弱性
      • summary特定の Samsung Android デバイスのソフトウェア Android OS の system_server プロセスには、サービス運用妨害 (継続的クラッシュ) 状態にされる脆弱性が存在します。
      • cveinfo_nameCVE-2017-5217
      • cveinfo_id(null)
      • nvdinfo_nameCVE-2017-5217
      • nvdinfo_id7110
      • cvssv27.1
      • cvssv35.5
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-001051.html
      • published_date2017-01-09
      • registered_date2017-01-17
      • last_updated_date2017-01-17
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id(null)
      • name(null)
      • status(null)
      • description(null)
      • phase(null)
      • votes(null)
      • comments(null)
      • deleted(null)
      • created(null)
      • modified(null)
    • Nvdinfo(array)
      • id7110
      • nameCVE-2017-5217
      • descriptionInstalling a zero-permission Android application on certain Samsung Android devices with KK(4.4), L(5.0/5.1), and M(6.0) software can continually crash the system_server process in the Android OS. The zero-permission app will create an active install session for a separate app that it has embedded within it. The active install session of the embedded app is performed using the android.content.pm.PackageInstaller class and its nested classes in the Android API. The active install session will write the embedded APK file to the /data/app directory, but the app will not be installed since third-party applications cannot programmatically install apps. Samsung has modified AOSP in order to accelerate the parsing of APKs by introducing the com.android.server.pm.PackagePrefetcher class and its nested classes. These classes will parse the APKs present in the /data/app directory and other directories, even if the app is not actually installed. The embedded APK that was written to the /data/app directory via the active install session has a very large but valid AndroidManifest.xml file. Specifically, the AndroidManifest.xml file contains a very large string value for the name of a permission-tree that it declares. When system_server tries to parse the APK file of the embedded app from the active install session, it will crash due to an uncaught error (i.e., java.lang.OutOfMemoryError) or an uncaught exception (i.e., std::bad_alloc) because of memory constraints. The Samsung Android device will encounter a soft reboot due to a system_server crash, and this action will keep repeating since parsing the APKs in the /data/app directory as performed by the system_server process is part of the normal boot process. The Samsung ID is SVE-2016-6917.
      • reject
      • CVSS_version2
      • CVSS_score7.1
      • severityHigh
      • CVSS_base_score7.1
      • CVSS_impact_subscore6.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version
      • CVSS_vector(AV:N/AC:M/Au:N/C:N/I:N/A:C)
      • sourcecve
      • pub_date2017-01-19
      • published2017-01-09
      • modified_date2017-01-10
      • typeCVE
      • seq2017-5217
      • deleted0000-00-00 00:00:00
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
  • 3(array)
    • Jvninfo(array)
      • id21786
      • nameJVNDB-2013-003361
      • title特定の Red Hat パッチを適用した Red Hat Enterprise Linux におけるサービス運用妨害 (DoS) の脆弱性
      • summary特定の Red Hat パッチを適用した Red Hat Enterprise Linux (RHEL) 上で稼働するカーネルパッケージの KVM サブシステムは、PV EOI 機能を適切に実装していないため、サービス運用妨害 (ホスト OS クラッシュ) の脆弱性が存在します。
      • cveinfo_nameCVE-2013-1935
      • cveinfo_id61877
      • nvdinfo_nameCVE-2013-1935
      • nvdinfo_id38064
      • cvssv25.7
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-003361.html
      • published_date2013-06-10
      • registered_date2013-07-17
      • last_updated_date2013-07-17
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id61877
      • nameCVE-2013-1930
      • statusCandidate
      • description** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
      • phaseAssigned (20130219)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id38064
      • nameCVE-2013-1935
      • descriptionA certain Red Hat patch to the KVM subsystem in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly implement the PV EOI feature, which allows guest OS users to cause a denial of service (host OS crash) by leveraging a time window during which interrupts are disabled but copy_to_user function calls are possible.
      • reject(null)
      • CVSS_version2
      • CVSS_score5.7
      • severityMedium
      • CVSS_base_score5.7
      • CVSS_impact_subscore6.9
      • CVSS_exploit_subscore5.5
      • nvd_xml_version(null)
      • CVSS_vector(AV:A/AC:M/Au:N/C:N/I:N/A:C)
      • sourcecve
      • pub_date2017-01-18
      • published2013-07-16
      • modified_date2013-08-20
      • typeCVE
      • seq2013-1935
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id21787
      • nameJVNDB-2013-003362
      • title特定の Red Hat パッチを適用した Red Hat Enterprise Linux におけるサービス運用妨害 (DoS) の脆弱性
      • summary特定の Red Hat パッチを適用した Red Hat Enterprise Linux (RHEL) 上で稼働するカーネルパッケージの fs/namei.c 内の do_filp_open 関数は、書き込み権限の取得の失敗を適切に処理しないため、サービス運用妨害 (システムクラッシュ) の脆弱性が存在します。
      • cveinfo_nameCVE-2013-2188
      • cveinfo_id62130
      • nvdinfo_nameCVE-2013-2188
      • nvdinfo_id38282
      • cvssv24.7
      • cvssv3(null)
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-003362.html
      • published_date2013-06-18
      • registered_date2013-07-17
      • last_updated_date2013-07-17
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id62130
      • nameCVE-2013-2183
      • statusCandidate
      • description** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
      • phaseAssigned (20130219)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id38282
      • nameCVE-2013-2188
      • descriptionA certain Red Hat patch to the do_filp_open function in fs/namei.c in the kernel package before 2.6.32-358.11.1.el6 on Red Hat Enterprise Linux (RHEL) 6 does not properly handle failure to obtain write permissions, which allows local users to cause a denial of service (system crash) by leveraging access to a filesystem that is mounted read-only.
      • reject(null)
      • CVSS_version2
      • CVSS_score4.7
      • severityMedium
      • CVSS_base_score4.7
      • CVSS_impact_subscore6.9
      • CVSS_exploit_subscore3.4
      • nvd_xml_version(null)
      • CVSS_vector(AV:L/AC:M/Au:N/C:N/I:N/A:C)
      • sourcecve
      • pub_date2017-01-18
      • published2013-07-16
      • modified_date2013-07-16
      • typeCVE
      • seq2013-2188
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/rvm/gems/ruby-3.0.2/bin:/usr/local/rvm/gems/ruby-3.0.2@global/bin:/usr/local/rvm/rubies/ruby-3.0.2/bin:/usr/share/Modules/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/usr/local/rvm/bin:/var/lib/snapd/snap/bin:/root/bin:/sbin:/usr/local/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:692/sort:title/direction:desc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:692/sort:title/direction:desc
Remote Port	8037
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.64
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Ld Library Path	/usr/local/apache24/lib
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.5.136
Http Via	1.1 squid-proxy-75b5465b89-tcqtb (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=1kua224i5jeqs718nr88p914t7
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.64
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.64
Unique Id	aC-LHmnia6q-jc0VmmvtDQAAAVA
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.64
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.64
Redirect Unique Id	aC-LHmnia6q-jc0VmmvtDQAAAVA
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.64
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.64
Redirect Redirect Unique Id	aC-LHmnia6q-jc0VmmvtDQAAAVA
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1747946270.5853
Request Time	1747946270

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php