← back
CVE-2019-13409

A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19)

EPSS 1.2%CWE-89
A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password.
Affected products
TOPOO Technology · TOPMeeting

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://tvn.twcert.org.tw/taiwanvn/TVN-201907001https://www.twcert.org.tw/en/cp-128-3019-f0dd8-2.html