2007-06-06 10:00:00
mitre
PUBLISHED
listmembers.php in EQdkp 1.3.2c and earlier allows remote attackers to obtain sensitive information via an invalid compare parameter, which reveals the path.