Public CVE-2005-4164 disclosure

Directory traversal vulnerability in captcha.php in Captcha PHP 0.9 allows remote attackers to read arbitrary files via the _tcf parameter.