Form-Totaller version 1.0 (form-totaller.cgi) trusts user input for filenames, allowing a remote user to read any file on the webserver.
e3d777d52f8cfacde87ec258a2d6cfa48ba8b637c56c21835cdf716ee4620394
The Everything Form (everythingform.cgi) contains remote vulnerabilities which allow any file on the sytem to be read.
1b339106ce174c1887c0dbb63dc46ef3e2273e5d5d44fae56593ea21e2c22e12