EUVD-2019-4903

Malware in sbrugna...

TOPMeeting Information Disclosure Vulnerability

TOPMeeting is a video conferencing solution. An information disclosure vulnerability exists in versions prior to TOPMeeting 8.8 2019/08/19, which stems from the program displaying the accounts and passwords of people participating in a meeting on a front-end page. An attacker can exploit the...

TOPMeeting SQL Injection Vulnerability

TOPMeeting is a video conferencing solution. A SQL injection vulnerability exists in versions prior to TOPMeeting 8.8 2019/08/19. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can exploit the vulnerability to...

CVE-2019-13410

TOPMeeting before version 8.8 2019/08/19 shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page...

CVE-2019-13409

A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 2019/08/19. An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password...

CVE-2019-13409

A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 2019/08/19. An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password...

Sql injection

A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 2019/08/19. An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password...

CVE-2019-13410 TOPMeeting version before version 8.8 (2019/08/19) allows an attacker to obtain sensitive information

TOPMeeting before version 8.8 2019/08/19 shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page...

CVE-2019-13410

TOPMeeting vulnerability CVE-2019-13410 affects TOPMeeting versions before 8.8. The issue is information disclosure: attendees’ accounts and passwords are exposed on a front-end page; an attacker can obtain this by inspecting the page source. Root cause: sensitive credentials displayed in the cli...

CVE-2019-13409 A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19)

A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 2019/08/19. An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password...

CVE-2019-13409

CVE-2019-13409 describes a SQL injection in TOPMeeting prior to version 8.8 (2019/08/19). The vulnerability allows an attacker to perform a union-based injection via the search meeting room feature to retrieve database schema and credentials (username/password). Affected: TOPMeeting