CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2019-13409

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0150%
EPSS Percentile24.57th
Published2019年10月17日
Last Modified2024年11月21日

Vulnerability Description

A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password.

Affected Platforms (CPE)

📦
Topmeeting

Topmeeting

< 8.8

References & Advisories

🔗 https://tvn.twcert.org.tw/taiwanvn/TVN-201907001
🔗 https://www.twcert.org.tw/en/cp-128-3019-f0dd8-2.html
🔗 https://tvn.twcert.org.tw/taiwanvn/TVN-201907001
🔗 https://www.twcert.org.tw/en/cp-128-3019-f0dd8-2.html

相關漏洞威脅

CVE-2019-134107.5

TOPMeeting before version 8.8 (2019/08/19) shows attendees account and password in front end page that allows an attacker to obtai...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...