Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    4 vulnerabilities by TOPOO Technology

    CVE-2019-13410 (GCVE-0-2019-13410)

    Vulnerability from cvelistv5 – Published: 2019-10-17 19:25 – Updated: 2024-09-16 18:12
    VLAI
    Title
    TOPMeeting version before version 8.8 (2019/08/19) allows an attacker to obtain sensitive information
    Summary
    TOPMeeting before version 8.8 (2019/08/19) shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    TOPOO Technology TOPMeeting Affected: before version 8.8 (2019/08/19)
    Create a notification for this product.
    Date Public
    2019-10-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:49:24.943Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/en/cp-128-3020-27eb5-2.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "TOPMeeting",
              "vendor": "TOPOO Technology",
              "versions": [
                {
                  "status": "affected",
                  "version": "before version 8.8 (2019/08/19)"
                }
              ]
            }
          ],
          "datePublic": "2019-10-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "TOPMeeting before version 8.8 (2019/08/19) shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Information Exposure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-17T19:25:59.000Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.twcert.org.tw/en/cp-128-3020-27eb5-2.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907002"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "TOPMeeting version before version 8.8 (2019/08/19) allows an attacker to obtain sensitive information",
          "x_generator": {
            "engine": "Vulnogram 0.0.8"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@cert.org.tw",
              "DATE_PUBLIC": "2019-10-16T16:00:00.000Z",
              "ID": "CVE-2019-13410",
              "STATE": "PUBLIC",
              "TITLE": "TOPMeeting version before version 8.8 (2019/08/19) allows an attacker to obtain sensitive information"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "TOPMeeting",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before version 8.8 (2019/08/19)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "TOPOO Technology"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "TOPMeeting before version 8.8 (2019/08/19) shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.8"
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-200 Information Exposure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.twcert.org.tw/en/cp-128-3020-27eb5-2.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.twcert.org.tw/en/cp-128-3020-27eb5-2.html"
                },
                {
                  "name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907002",
                  "refsource": "CONFIRM",
                  "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907002"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2019-13410",
        "datePublished": "2019-10-17T19:25:59.880Z",
        "dateReserved": "2019-07-08T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:12:58.445Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-13409 (GCVE-0-2019-13409)

    Vulnerability from cvelistv5 – Published: 2019-10-17 19:24 – Updated: 2024-09-16 20:17
    VLAI
    Title
    A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19)
    Summary
    A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    TOPOO Technology TOPMeeting Affected: before version 8.8 (2019/08/19)
    Create a notification for this product.
    Date Public
    2019-10-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:49:24.979Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/en/cp-128-3019-f0dd8-2.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907001"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "TOPMeeting",
              "vendor": "TOPOO Technology",
              "versions": [
                {
                  "status": "affected",
                  "version": "before version 8.8 (2019/08/19)"
                }
              ]
            }
          ],
          "datePublic": "2019-10-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-17T19:24:35.000Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.twcert.org.tw/en/cp-128-3019-f0dd8-2.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907001"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19)",
          "x_generator": {
            "engine": "Vulnogram 0.0.8"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@cert.org.tw",
              "DATE_PUBLIC": "2019-10-16T16:00:00.000Z",
              "ID": "CVE-2019-13409",
              "STATE": "PUBLIC",
              "TITLE": "A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19)"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "TOPMeeting",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before version 8.8 (2019/08/19)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "TOPOO Technology"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.8"
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-89 SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.twcert.org.tw/en/cp-128-3019-f0dd8-2.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.twcert.org.tw/en/cp-128-3019-f0dd8-2.html"
                },
                {
                  "name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907001",
                  "refsource": "CONFIRM",
                  "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907001"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2019-13409",
        "datePublished": "2019-10-17T19:24:35.696Z",
        "dateReserved": "2019-07-08T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:17:31.925Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-13410 (GCVE-0-2019-13410)

    Vulnerability from nvd – Published: 2019-10-17 19:25 – Updated: 2024-09-16 18:12
    VLAI
    Title
    TOPMeeting version before version 8.8 (2019/08/19) allows an attacker to obtain sensitive information
    Summary
    TOPMeeting before version 8.8 (2019/08/19) shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    TOPOO Technology TOPMeeting Affected: before version 8.8 (2019/08/19)
    Create a notification for this product.
    Date Public
    2019-10-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:49:24.943Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/en/cp-128-3020-27eb5-2.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907002"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "TOPMeeting",
              "vendor": "TOPOO Technology",
              "versions": [
                {
                  "status": "affected",
                  "version": "before version 8.8 (2019/08/19)"
                }
              ]
            }
          ],
          "datePublic": "2019-10-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "TOPMeeting before version 8.8 (2019/08/19) shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Information Exposure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-17T19:25:59.000Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.twcert.org.tw/en/cp-128-3020-27eb5-2.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907002"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "TOPMeeting version before version 8.8 (2019/08/19) allows an attacker to obtain sensitive information",
          "x_generator": {
            "engine": "Vulnogram 0.0.8"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@cert.org.tw",
              "DATE_PUBLIC": "2019-10-16T16:00:00.000Z",
              "ID": "CVE-2019-13410",
              "STATE": "PUBLIC",
              "TITLE": "TOPMeeting version before version 8.8 (2019/08/19) allows an attacker to obtain sensitive information"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "TOPMeeting",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before version 8.8 (2019/08/19)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "TOPOO Technology"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "TOPMeeting before version 8.8 (2019/08/19) shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.8"
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-200 Information Exposure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.twcert.org.tw/en/cp-128-3020-27eb5-2.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.twcert.org.tw/en/cp-128-3020-27eb5-2.html"
                },
                {
                  "name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907002",
                  "refsource": "CONFIRM",
                  "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907002"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2019-13410",
        "datePublished": "2019-10-17T19:25:59.880Z",
        "dateReserved": "2019-07-08T00:00:00.000Z",
        "dateUpdated": "2024-09-16T18:12:58.445Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-13409 (GCVE-0-2019-13409)

    Vulnerability from nvd – Published: 2019-10-17 19:24 – Updated: 2024-09-16 20:17
    VLAI
    Title
    A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19)
    Summary
    A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    Impacted products
    Vendor Product Version
    TOPOO Technology TOPMeeting Affected: before version 8.8 (2019/08/19)
    Create a notification for this product.
    Date Public
    2019-10-16 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T23:49:24.979Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://www.twcert.org.tw/en/cp-128-3019-f0dd8-2.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907001"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "TOPMeeting",
              "vendor": "TOPOO Technology",
              "versions": [
                {
                  "status": "affected",
                  "version": "before version 8.8 (2019/08/19)"
                }
              ]
            }
          ],
          "datePublic": "2019-10-16T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-89",
                  "description": "CWE-89 SQL Injection",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-10-17T19:24:35.000Z",
            "orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
            "shortName": "twcert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://www.twcert.org.tw/en/cp-128-3019-f0dd8-2.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907001"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19)",
          "x_generator": {
            "engine": "Vulnogram 0.0.8"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@cert.org.tw",
              "DATE_PUBLIC": "2019-10-16T16:00:00.000Z",
              "ID": "CVE-2019-13409",
              "STATE": "PUBLIC",
              "TITLE": "A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19)"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "TOPMeeting",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "before version 8.8 (2019/08/19)"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "TOPOO Technology"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.8"
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-89 SQL Injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.twcert.org.tw/en/cp-128-3019-f0dd8-2.html",
                  "refsource": "CONFIRM",
                  "url": "https://www.twcert.org.tw/en/cp-128-3019-f0dd8-2.html"
                },
                {
                  "name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907001",
                  "refsource": "CONFIRM",
                  "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201907001"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e",
        "assignerShortName": "twcert",
        "cveId": "CVE-2019-13409",
        "datePublished": "2019-10-17T19:24:35.696Z",
        "dateReserved": "2019-07-08T00:00:00.000Z",
        "dateUpdated": "2024-09-16T20:17:31.925Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }