text.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument.Referenceshttp://marc.info/?l=bugtraq&m=111445867315415&w=2
