GAT-Ship Web Module up to and including 1.30 allows remote malicious users to obtain potentially sensitive information via {} in a ws/gatshipWs.asmx/SqlVersion request.
CVE-2019-12163
_______________________________________________
Sent through the Full Disclosure mailing list
nmaporg/mailman/listinfo/fulldisclosure
Web Archives & RSS: seclistsorg/fulldisclosure/ ...