source: http://www.securityfocus.com/bid/4718/info

Critical Path provides an LDAP (Lightweight Directory Access Protocol) directory server called InJoin. InJoin Directory Server is available for Microsoft Windows operating systems and Unix variants. iCon is the administrative web interface for the InJoin Directory Server.

An attacker with a valid administrative username and password is able to view any file on the system that is accessible to the owner of the iCon process. The contents of arbitrary webserver-readable files can be disclosed by supplying their path as the log entry parameter (LOG) when viewing log entries.

http://ip:1500/CONF&LOG=/etc/passwd&NOIH=no&FRAMES=y

Here the attacker is able to view the contents of /etc/passwd.
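For detection, the sketch below (an added example, not code from the advisory or from Critical Path) parses the request format shown above and flags requests whose LOG value resolves outside the directory where iCon's own logs are kept. The directory /opt/injoin/logs, the Common Log Format input and the sample lines are assumptions constructed for illustration.

```python
import posixpath
import re
from urllib.parse import unquote

# Assumption: directory holding iCon's legitimate logs; set this for your install.
ALLOWED_LOG_DIR = "/opt/injoin/logs"  # hypothetical path

# Request target inside a Common Log Format line: "GET <target> HTTP/1.x"
REQUEST_RE = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def parse_icon_params(target):
    """Split a target such as /CONF&LOG=x&NOIH=no into (page, params).
    The URL on the page puts '&' parameters straight after the page name,
    with no '?'; a '?' is tolerated in case a proxy rewrites the request."""
    page, *pairs = target.replace("?", "&", 1).split("&")
    params = {}
    for pair in pairs:
        key, _, value = pair.partition("=")
        params[key.upper()] = unquote(value)
    return page, params

def is_suspicious_log_request(target, allowed_dir=ALLOWED_LOG_DIR):
    """True when LOG names a file outside allowed_dir after normalisation."""
    _, params = parse_icon_params(target)
    log = params.get("LOG")
    if log is None:
        return False
    # join() keeps an absolute LOG value as-is; normpath() collapses '..'
    resolved = posixpath.normpath(posixpath.join(allowed_dir, log))
    return not resolved.startswith(allowed_dir.rstrip("/") + "/")

def scan(lines):
    """Return request targets from access-log lines that need review."""
    hits = []
    for line in lines:
        m = REQUEST_RE.search(line)
        if m and is_suspicious_log_request(m.group(1)):
            hits.append(m.group(1))
    return hits

# Constructed sample log lines (not real traffic).
SAMPLE = [
    '192.0.2.10 - admin [01/May/2002:10:00:00 +0000] "GET /CONF&LOG=/etc/passwd&NOIH=no&FRAMES=y HTTP/1.0" 200 812',
    '192.0.2.10 - admin [01/May/2002:10:01:00 +0000] "GET /CONF&LOG=/opt/injoin/logs/access.log&NOIH=no&FRAMES=y HTTP/1.0" 200 4096',
    '192.0.2.11 - admin [01/May/2002:10:02:00 +0000] "GET /CONF&NOIH=no&FRAMES=y HTTP/1.0" 200 512',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE):
        print("review:", hit)
```

Because the request requires valid administrative credentials, a hit also identifies which admin account to review.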