Directory traversal vulnerability in getdox.php in Torrential 1.2 allows remote attackers to read arbitrary files via "../" sequences in the query string argument.
https://exchange.xforce.ibmcloud.com/vulnerabilities/23219
http://www.securityfocus.com/bid/15530
http://www.securityfocus.com/archive/1/419103/100/0/threaded