SQL injection vulnerability in CA Clever Path Portal allows remote authenticated users to execute limited SQL commands and retrieve arbitrary database contents via (1) the ofinterest parameter in a light search query, (2) description parameter in the advanced search query, and possibly other vectors.
References
Configurations
History
07 Apr 2021, 18:57
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:broadcom:cleverpath_portal:*:*:*:*:*:*:*:* |
Information
Published : 2007-04-25 15:19
Updated : 2023-12-10 10:40
NVD link : CVE-2007-2230
Mitre link : CVE-2007-2230
CVE.ORG link : CVE-2007-2230
JSON object : View
Products Affected
broadcom
- cleverpath_portal
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')