Use Prophaze EagleEye for Web/API Security
Overview :
TOPMeeting  security issues fixed.
Affected Product(s) :
  • TOPMeeting before version 8.8
Vulnerability Details :
CVE ID : CVE-2019-13409
A SQL injection vulnerability was discovered in TOPMeeting before version 8.8 (2019/08/19). An attacker can use a union based injection query string though a search meeting room feature to get databases schema and username/password.
CVE ID : CVE-2019-13410
TOPMeeting before version 8.8 (2019/08/19) shows attendees account and password in front end page that allows an attacker to obtain sensitive information by browsing the source code of the page.

Solution :
Update to the latest version