Directory traversal vulnerability in Dynamic Galerie 1.0 allows remote attackers to access arbitrary files via an absolute path in the pfad parameter to (1) index.php and (2) galerie.php.
https://exchange.xforce.ibmcloud.com/vulnerabilities/26322
http://www.vupen.com/english/advisories/2006/1699
http://www.securityfocus.com/bid/17896
http://secunia.com/advisories/19995
http://d4igoro.blogspot.com/2006/05/dynamic-galerie-10-path-traversal-xss.html