Directory traversal vulnerability in mboard.php in PHPJunkYard (aka Klemen Stirn) MBoard 1.22 and earlier allows remote attackers to create arbitrary empty files via a .. (dot dot) in the orig_id parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/30558
http://www.vupen.com/english/advisories/2006/4769
http://www.securityfocus.com/bid/21304
http://www.securityfocus.com/archive/1/452772/100/0/threaded
http://www.mayhemiclabs.com/wiki/wikka.php?wakka=MHL2006004
http://www.mayhemiclabs.com/advisories/MHL-2006-004.txt