The hyper.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument.