Directory traversal vulnerability in script/cat_for_aff.php in Netref 4 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the ad_direct parameter.
https://www.exploit-db.com/exploits/2677
https://exchange.xforce.ibmcloud.com/vulnerabilities/29889