source: http://www.securityfocus.com/bid/21213/info

Wabbit PHP Gallery is prone to a directory-traversal vulnerability because the application fails to properly sanitize user-supplied input. 

An attacker can exploit this issue to retrieve the contents of arbitrary files in the context of the webserver process. Information obtained may aid in further attacks.

http://www.example.com/index.php?dir=../../../../../../etc/passwd