GAT-Ship Web Module up to and including 1.30 allows remote malicious users to obtain potentially sensitive information via {} in a ws/gatshipWs.asmx/SqlVersion request.
gatship web module