Another hole found while mass auditing free cgi scripts. After finding
it and writing code for it I noticed there is already a a BID
(http://www.securityfocus.com/archive/1/425970), but no code. So, here
is some code. Maybe this will further provoke the author to get it
fixed.
–K-sPecial