A security vulnerability in the product allows attackers to perform a directory traversal attack and access files that reside outside the normal HTTP root directory.http://target/cgi-bin/directorypro.cgi?want=showcat&show=../../../../etc/passwd%00http://www.securityfocus.com/bid/2793