Request History

4 previous requests available

• Restore to current request
• nvdinfos/view/55836
• nvdinfos/view/86999
• nvdreves/view/208772
• nvdinfos/view/51217

Session

• 0(null)

Request

Cake Params

• plugin(null)
• controllerjvninfos
• actionindex
• named(array)
  • page900
  • sortcveinfo_id
  • directiondesc
• pass(empty)
• paging(array)
  • Jvninfo(array)
    • page900
    • current5
    • count68839
    • prevPage(true)
    • nextPage(true)
    • pageCount13768
    • order(array)
      • Jvninfo.cveinfo_iddesc
    • limit5
    • options(array)
      • page900
      • order(array)
        • Jvninfo.cveinfo_iddesc
      • sortcveinfo_id
      • directiondesc
      • conditions(empty)
    • paramTypenamed

Post data

No post data.

Query string

No querystring data.

Cookie

To view Cookies, add CookieComponent to Controller

Current Route

• keys(array)
  • 0controller
  • 1action
• options(array)
  • defaultRoute(true)
• defaults(array)
  • plugin(null)
• template/:controller/:action/*

Sql Logs

Logs

View Variables

• jvninfos(array)
  • 0(array)
    • Jvninfo(array)
      • id44
      • nameJVNDB-2016-000046
      • titlea-blog cms におけるクロスサイトスクリプティングの脆弱性
      • summary有限会社アップルップルが提供する a-blog cms は、コンテンツ管理システム (CMS) です。 a-blog cms には、コメント機能の標準テンプレートに格納型のクロスサイトスクリプティングの脆弱性が存在します。
      • cveinfo_nameCVE-2016-1179
      • cveinfo_id87685
      • nvdinfo_nameCVE-2016-1179
      • nvdinfo_id(null)
      • cvssv24.3
      • cvssv34.7
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000046.html
      • published_date2016-05-16
      • registered_date2016-05-16
      • last_updated_date2016-05-16
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id87685
      • nameCVE-2016-10177
      • statusCandidate
      • descriptionAn issue was discovered on the D-Link DWR-932B router. Undocumented TELNET and SSH services provide logins to admin with the password admin and root with the password 1234.
      • phaseAssigned (20170129)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id(null)
      • name(null)
      • description(null)
      • reject(null)
      • CVSS_version(null)
      • CVSS_score(null)
      • severity(null)
      • CVSS_base_score(null)
      • CVSS_impact_subscore(null)
      • CVSS_exploit_subscore(null)
      • nvd_xml_version(null)
      • CVSS_vector(null)
      • source(null)
      • pub_date(null)
      • published(null)
      • modified_date(null)
      • type(null)
      • seq(null)
      • deleted(null)
      • created(null)
      • modified(null)
  • 1(array)
    • Jvninfo(array)
      • id45
      • nameJVNDB-2016-000047
      • titlea-blog cms におけるセッション管理不備の脆弱性
      • summary有限会社アップルップルが提供する a-blog cms は、コンテンツ管理システム (CMS) です。 a-blog cms には、コメント機能にセッション管理不備の脆弱性が存在します。
      • cveinfo_nameCVE-2016-1178
      • cveinfo_id87684
      • nvdinfo_nameCVE-2016-1178
      • nvdinfo_id(null)
      • cvssv25.8
      • cvssv34.8
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000047.html
      • published_date2016-05-16
      • registered_date2016-05-16
      • last_updated_date2016-05-16
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id87684
      • nameCVE-2016-10176
      • statusCandidate
      • descriptionThe NETGEAR WNR2000v5 router allows an administrator to perform sensitive actions by invoking the apply.cgi URL on the web server of the device. This special URL is handled by the embedded web server (uhttpd) and processed accordingly. The web server also contains another URL, apply_noauth.cgi, that allows an unauthenticated user to perform sensitive actions on the device. This functionality can be exploited to change the router settings (such as the answers to the password-recovery questions) and achieve remote code execution.
      • phaseAssigned (20170129)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id(null)
      • name(null)
      • description(null)
      • reject(null)
      • CVSS_version(null)
      • CVSS_score(null)
      • severity(null)
      • CVSS_base_score(null)
      • CVSS_impact_subscore(null)
      • CVSS_exploit_subscore(null)
      • nvd_xml_version(null)
      • CVSS_vector(null)
      • source(null)
      • pub_date(null)
      • published(null)
      • modified_date(null)
      • type(null)
      • seq(null)
      • deleted(null)
      • created(null)
      • modified(null)
  • 2(array)
    • Jvninfo(array)
      • id35
      • nameJVNDB-2016-000037
      • titleWisePoint におけるクリックジャッキングの脆弱性
      • summaryWisePoint には、管理画面にクリックジャッキングの脆弱性が存在します。
      • cveinfo_nameCVE-2016-1177
      • cveinfo_id87683
      • nvdinfo_nameCVE-2016-1177
      • nvdinfo_id17626
      • cvssv24
      • cvssv35.4
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000037.html
      • published_date2016-04-04
      • registered_date2016-04-04
      • last_updated_date2016-04-07
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id87683
      • nameCVE-2016-10175
      • statusCandidate
      • descriptionThe NETGEAR WNR2000v5 router leaks its serial number when performing a request to the /BRS_netgear_success.html URI. This serial number allows a user to obtain the administrator username and password, when used in combination with the CVE-2016-10176 vulnerability that allows resetting the answers to the password-recovery questions.
      • phaseAssigned (20170129)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id17626
      • nameCVE-2016-1177
      • descriptionThe management screen in Falcon WisePoint 4.3.1 and earlier and WisePoint Authenticator 4.1.19.22 and earlier allows remote attackers to conduct clickjacking attacks via unspecified vectors.
      • reject(null)
      • CVSS_version2
      • CVSS_score4.3
      • severityMedium
      • CVSS_base_score4.3
      • CVSS_impact_subscore2.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:N/I:P/A:N)
      • sourcecve
      • pub_date2017-01-19
      • published2016-04-05
      • modified_date2016-04-11
      • typeCVE
      • seq2016-1177
      • deleted(null)
      • created(null)
      • modified(null)
  • 3(array)
    • Jvninfo(array)
      • id36
      • nameJVNDB-2016-000038
      • titleEVAアニメータ用 ActiveX コントロールにおけるバッファオーバーフローの脆弱性
      • summaryシャープ株式会社が提供する EVAアニメータ用 ActiveX コントロールには、バッファオーバーフローの脆弱性が存在します。
      • cveinfo_nameCVE-2016-1176
      • cveinfo_id87682
      • nvdinfo_nameCVE-2016-1176
      • nvdinfo_id17625
      • cvssv26.8
      • cvssv36.3
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000038.html
      • published_date2016-04-04
      • registered_date2016-04-04
      • last_updated_date2016-04-20
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id87682
      • nameCVE-2016-10174
      • statusCandidate
      • descriptionThe NETGEAR WNR2000v5 router contains a buffer overflow in the hidden_lang_avi parameter when invoking the URL /apply.cgi?/lang_check.html. This buffer overflow can be exploited by an unauthenticated attacker to achieve remote code execution.
      • phaseAssigned (20170129)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id17625
      • nameCVE-2016-1176
      • descriptionBuffer overflow in the ActiveX control in Sharp EVA Animeter allows remote attackers to execute arbitrary code via a crafted web page.
      • reject(null)
      • CVSS_version2
      • CVSS_score6.8
      • severityMedium
      • CVSS_base_score6.8
      • CVSS_impact_subscore6.4
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:P/I:P/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2016-04-05
      • modified_date2016-05-09
      • typeCVE
      • seq2016-1176
      • deleted(null)
      • created(null)
      • modified(null)
  • 4(array)
    • Jvninfo(array)
      • id37
      • nameJVNDB-2016-000039
      • titleAQUOSフォトプレーヤー HN-PP150 におけるクロスサイトリクエストフォージェリの脆弱性
      • summaryシャープ株式会社が提供する AQUOSフォトプレーヤー HN-PP150 には、クロスサイトリクエストフォージェリ(CWE-352) の脆弱性が存在します。
      • cveinfo_nameCVE-2016-1175
      • cveinfo_id87681
      • nvdinfo_nameCVE-2016-1175
      • nvdinfo_id17624
      • cvssv22.6
      • cvssv34.3
      • jvnurlhttp://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000039.html
      • published_date2016-04-04
      • registered_date2016-04-04
      • last_updated_date2016-04-07
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified(null)
    • Cveinfo(array)
      • id87681
      • nameCVE-2016-10173
      • statusCandidate
      • descriptionDirectory traversal vulnerability in the minitar before 0.6 and archive-tar-minitar 0.5.2 gems for Ruby allows remote attackers to write to arbitrary files via a .. (dot dot) in a TAR archive entry.
      • phaseAssigned (20170129)
      • votesNone (candidate not yet proposed)
      • comments(null)
      • deleted(null)
      • created0000-00-00 00:00:00
      • modified0000-00-00 00:00:00
    • Nvdinfo(array)
      • id17624
      • nameCVE-2016-1175
      • descriptionCross-site request forgery (CSRF) vulnerability in AQUOS Photo Player HN-PP150 1.02.00.04 through 1.03.01.04 allows remote attackers to hijack the authentication of arbitrary users.
      • reject(null)
      • CVSS_version2
      • CVSS_score5.8
      • severityMedium
      • CVSS_base_score5.8
      • CVSS_impact_subscore4.9
      • CVSS_exploit_subscore8.6
      • nvd_xml_version(null)
      • CVSS_vector(AV:N/AC:M/Au:N/C:N/I:P/A:P)
      • sourcecve
      • pub_date2017-01-19
      • published2016-04-05
      • modified_date2016-04-06
      • typeCVE
      • seq2016-1175
      • deleted(null)
      • created(null)
      • modified(null)
• $request->data(empty)
• $this->validationErrors(array)
  • Jvninfo(empty)
  • Cveinfo(empty)
  • Nvdinfo(empty)
• Loaded Helpers(array)
  • 0Number
  • 1SimpleGraph
  • 2Paginator
  • 3DebugTimer
  • 4Toolbar
  • 5Html
  • 6Text
  • 7Form
  • 8Session
  • 9HtmlToolbar

App Constants

No application environment available.

CakePHP Constants

Constant	Value
APP	/virtual/inogo77/public_html/jvn/app/
APP_DIR	app
APPLIBS	/virtual/inogo77/public_html/jvn/app/Lib/
CACHE	/virtual/inogo77/public_html/jvn/app/tmp/cache/
CAKE	/virtual/inogo77/public_html/jvn/lib/Cake/
CAKE_CORE_INCLUDE_PATH	/virtual/inogo77/public_html/jvn/lib
CORE_PATH	/virtual/inogo77/public_html/jvn/lib/
CAKE_VERSION	2.6.0
CSS	/virtual/inogo77/public_html/jvn/app/webroot/css/
CSS_URL	css/
DS	/
FULL_BASE_URL	http://inogo77.s500.xrea.com
IMAGES	/virtual/inogo77/public_html/jvn/app/webroot/img/
IMAGES_URL	img/
JS	/virtual/inogo77/public_html/jvn/app/webroot/js/
JS_URL	js/
LOGS	/virtual/inogo77/public_html/jvn/app/tmp/logs/
ROOT	/virtual/inogo77/public_html/jvn
TESTS	/virtual/inogo77/public_html/jvn/app/Test/
TMP	/virtual/inogo77/public_html/jvn/app/tmp/
VENDORS	/virtual/inogo77/public_html/jvn/vendors/
WEBROOT_DIR	webroot
WWW_ROOT	/virtual/inogo77/public_html/jvn/app/webroot/

PHP Environment

Environment Variable	Value
Php Version	5.6.40
Phprc	php56.ini
Php Fcgi Children	1
Pwd	/virtual/inogo77/public_html/.fast-cgi-bin
Php Fcgi Max Requests	10000
Shlvl	0
Path	/usr/local/bin:/usr/bin:/bin
Script Name	/jvn/app/webroot/index.php
Request Uri	/jvn/jvninfos/index/page:900/sort:cveinfo_id/direction:desc
Query String
Request Method	GET
Server Protocol	HTTP/1.1
Gateway Interface	CGI/1.1
Redirect Url	/jvn/app/webroot/jvninfos/index/page:900/sort:cveinfo_id/direction:desc
Remote Port	34559
Script Filename	/virtual/inogo77/public_html/jvn/app/webroot/index.php
Server Admin	[no address given]
Context Document Root	/virtual/inogo77/public_html
Context Prefix
Request Scheme	http
Document Root	/virtual/inogo77/public_html
Remote Addr	216.73.216.66
Server Port	80
Server Addr	160.251.151.205
Server Name	inogo77.s500.xrea.com
Server Software	Apache
Server Signature
Http Connection	close
Http Cache Control	max-age=259200
Http X Forwarded For	10.1.244.151
Http Via	1.1 squid-proxy-5b5d847c96-hm7vw (squid/6.10)
Http Host	inogo77.s500.xrea.com
Http Accept Encoding	gzip, br, zstd, deflate
Http Cookie	advanced-frontend=o8imkhrolggeor5n3c9pvh4ak3
Http User Agent	Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)
Http Accept	*/*
Gem Home	/usr/local/rvm/gems/ruby-2.3.0
X Dostranslated Ip	216.73.216.66
Mm Country Code	US
Mmdb Info	result found
Mmdb Addr	216.73.216.66
Unique Id	aEzYFDuCYMuRBOkhfF_sOAAAAJ4
Redirect Status	200
Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect X Dostranslated Ip	216.73.216.66
Redirect Mm Country Code	US
Redirect Mmdb Info	result found
Redirect Mmdb Addr	216.73.216.66
Redirect Unique Id	aEzYFDuCYMuRBOkhfF_sOAAAAJ4
Redirect Redirect Status	200
Redirect Redirect Gem Home	/usr/local/rvm/gems/ruby-2.3.0
Redirect Redirect X Dostranslated Ip	216.73.216.66
Redirect Redirect Mm Country Code	US
Redirect Redirect Mmdb Info	result found
Redirect Redirect Mmdb Addr	216.73.216.66
Redirect Redirect Unique Id	aEzYFDuCYMuRBOkhfF_sOAAAAJ4
Fcgi Role	RESPONDER
Php Self	/jvn/app/webroot/index.php
Request Time Float	1749866517.5105
Request Time	1749866517

Included Files

Include Paths

• 0/virtual/inogo77/public_html/jvn/lib
• 2/opt/remi/php56/root/usr/share/pear
• 3/opt/remi/php56/root/usr/share/php
• 4/usr/share/pear
• 5/usr/share/php
• 6-> /virtual/inogo77/public_html/jvn/lib/Cake/

Included Files

• core(array)
  • Cache(array)
    • 0CORE/Cache/Cache.php
    • 1CORE/Cache/Engine/FileEngine.php
    • 2CORE/Cache/CacheEngine.php
  • Component(array)
    • 0CORE/Controller/Component/SessionComponent.php
    • 1CORE/Controller/Component/PaginatorComponent.php
  • Config(array)
    • 0CORE/Config/routes.php
    • 1CORE/Config/config.php
  • Controller(array)
    • 0CORE/Controller/Controller.php
    • 1CORE/Controller/ComponentCollection.php
    • 2CORE/Controller/Component.php
  • Datasource(array)
    • 0CORE/Model/Datasource/CakeSession.php
    • 1CORE/Model/Datasource/Database/Mysql.php
    • 2CORE/Model/Datasource/DboSource.php
    • 3CORE/Model/Datasource/DataSource.php
  • Error(array)
    • 0CORE/Error/exceptions.php
    • 1CORE/Error/ErrorHandler.php
  • I18n(array)
    • 0CORE/I18n/I18n.php
    • 1CORE/I18n/L10n.php
  • Log(array)
    • 0CORE/Log/CakeLog.php
    • 1CORE/Log/LogEngineCollection.php
    • 2CORE/Log/Engine/FileLog.php
    • 3CORE/Log/Engine/BaseLog.php
    • 4CORE/Log/CakeLogInterface.php
  • Model(array)
    • 0CORE/Model/Model.php
    • 1CORE/Model/BehaviorCollection.php
    • 2CORE/Model/ConnectionManager.php
  • Network(array)
    • 0CORE/Network/CakeRequest.php
    • 1CORE/Network/CakeResponse.php
  • Other(array)
    • 0CORE/bootstrap.php
    • 1CORE/basics.php
    • 2CORE/Core/App.php
    • 3CORE/Core/Configure.php
    • 4CORE/Core/CakePlugin.php
    • 5CORE/Event/CakeEventListener.php
    • 6CORE/Event/CakeEvent.php
    • 7CORE/Event/CakeEventManager.php
    • 8CORE/Core/Object.php
  • Routing(array)
    • 0CORE/Routing/Dispatcher.php
    • 1CORE/Routing/Filter/AssetDispatcher.php
    • 2CORE/Routing/DispatcherFilter.php
    • 3CORE/Routing/Filter/CacheDispatcher.php
    • 4CORE/Routing/Router.php
    • 5CORE/Routing/Route/CakeRoute.php
    • 6CORE/Routing/Route/PluginShortRoute.php
  • Utility(array)
    • 0CORE/Utility/Hash.php
    • 1CORE/Utility/Inflector.php
    • 2CORE/Utility/ObjectCollection.php
    • 3CORE/Utility/Debugger.php
    • 4CORE/Utility/String.php
    • 5CORE/Utility/ClassRegistry.php
  • View(array)
    • 0CORE/View/HelperCollection.php
• app(array)
  • Component(array)
    • 0APP/Controller/Component/CommonComponent.php
  • Config(array)
    • 0APP/Config/core.php
    • 1APP/Config/bootstrap.php
    • 2APP/Config/routes.php
    • 3APP/Config/database.php
  • Controller(array)
    • 0APP/Controller/JvninfosController.php
    • 1APP/Controller/AppController.php
  • Model(array)
    • 0APP/Model/Jvninfo.php
    • 1APP/Model/AppModel.php
    • 2APP/Model/Cveinfo.php
    • 3APP/Model/Nvdinfo.php
  • Other(array)
    • 0APP/webroot/index.php
• plugins(array)
  • DebugKit(array)
    • Component(array)
      • 0DebugKit/Controller/Component/ToolbarComponent.php
    • Other(array)
      • 0DebugKit/Lib/DebugMemory.php
      • 1DebugKit/Lib/Panel/HistoryPanel.php
      • 2DebugKit/Lib/DebugPanel.php
      • 3DebugKit/Lib/Panel/SessionPanel.php
      • 4DebugKit/Lib/Panel/RequestPanel.php
      • 5DebugKit/Lib/Panel/SqlLogPanel.php
      • 6DebugKit/Lib/Panel/TimerPanel.php
      • 7DebugKit/Lib/Panel/LogPanel.php
      • 8DebugKit/Lib/Panel/VariablesPanel.php
      • 9DebugKit/Lib/Panel/EnvironmentPanel.php
      • 10DebugKit/Lib/Panel/IncludePanel.php
      • 11DebugKit/Lib/DebugTimer.php
    • Log(array)
      • 0DebugKit/Lib/Log/Engine/DebugKitLog.php