CVE-2004-0696
The ShellExample.cgi script in 4D WebSTAR 5.3.2 and earlier allows remote attackers to list arbitrary directories via a URL with the desired path and a "*" (asterisk) character.
Date published : 2004-07-16
http://www.atstake.com/research/advisories/2004/a071304-1.txt