text.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. Date published : 2005-04-28 http://marc.info/?l=bugtraq&m=1