2014-06-09 19:00:00
mitre
PUBLISHED
QNAP Photo Station before firmware 4.0.3 build0912 allows remote attackers to list OS user accounts via a request to photo/p/api/list.php.