SQL Injection Vulnerability in CA Clever Path Portal
CVE-2007-2230

Currently unrated

Key Information:

Vendor: Broadcom
Status: Cleverpath Portal
Vendor: CVE Published:; 25 April 2007

What is CVE-2007-2230?

A vulnerability exists within CA Clever Path Portal that allows remote authenticated users to perform SQL injection attacks. By crafting specific parameters in search queries, such as 'ofinterest' in a light search and 'description' in an advanced search query, an attacker can execute limited SQL commands. This could lead to unauthorized disclosure of sensitive database contents, highlighting the importance of securing web applications against such injection flaws.

References

http://www.hacktics.com/AdvCleverPathApr07.html

x_refsource_MISC

http://www.vupen.com/english/advisories/2007/1544

vdb-entryx_refsource_VUPEN

http://archives.neohapsis.com/archives/fulldisclosure/200...

mailing-listx_refsource_FULLDISC

Timeline

Vulnerability published
Apr 25, 2007
Vulnerability Reserved
Apr 25, 2007

Broadcom

What is CVE-2007-2230?

References

Timeline