source: https://www.securityfocus.com/bid/8236/info
It has been reported that attackers may be able to modify the 'location' variable passed to the index.php file to cause the Web server to return arbitrary files. This script is prone to a directory traversal vulnerability, allowing attackers to retrieve any file residing on the filesystem readable by the Web server user.
http://www.example.com/atomicboard/index.php?location=../../../../../../etc/passwd
http://www.example.com/AtomicBoard-0.6.2/index.php?location=anything
