MultiHTML CGI script allows remote attackers to read arbitrary files and possibly execute arbitrary commands by specifying the file name to the "multi" parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/5285
http://archives.neohapsis.com/archives/bugtraq/2000-09/0146.html