CVE-2007-2230
CA Clever Path Portal - Authenticated SQL Injection via Search Parameters
Title source: llmDescription
SQL injection vulnerability in CA Clever Path Portal allows remote authenticated users to execute limited SQL commands and retrieve arbitrary database contents via (1) the ofinterest parameter in a light search query, (2) description parameter in the advanced search query, and possibly other vectors.
References (12)
Core 12
Core References
Exploit, Vendor Advisory x_refsource_misc
http://www.hacktics.com/AdvCleverPathApr07.html
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/1544
Exploit, Vendor Advisory mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0648.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/23671
Various Sources x_refsource_confirm
ftp://ftp.ca.com/pub/portal/4.71/4.71.001_188_070329/readme_4.71.001_188_070329.txt
Various Sources x_refsource_confirm
http://supportconnectw.ca.com/public/cp/portal/infodocs/portal-secnot.asp
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/466760/100/0/threaded
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/25002
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://www.securitytracker.com/id?1017970
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://www.osvdb.org/34128
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/33853
Various Sources x_refsource_confirm
http://www.ca.com/us/securityadvisor/newsinfo/collateral.aspx?cid=136879
Scores
EPSS
0.0162
EPSS Percentile
82.1%
Details
CWE
CWE-89
Status
published
Products (1)
broadcom/cleverpath_portal
Published
Apr 25, 2007
Tracked Since
Feb 18, 2026