go to Content
:::

TWCERT/CC Taiwan Computer Emergency Response Team/Coordination Center

:::
Date:
Font-stze:

A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19)

TVN ID TVN-201907001
CVE ID CVE-2019-13409
Affected Products TOPMeeting before version 8.8 (2019/08/19)
Description A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password.
Solution Update to the latest version
Credit Jian-Xun Lee
Public Date 2019-10-17

Links

  1. CVE-2019-13409
Top