CVE-2005-1305

The hyper.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument.