Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname in the hdr parameter.
Related posts