download.php in McGallery 0.5b allows remote malicious users to read arbitrary files and obtain script source code via the filename parameter.
mcgallery mcgallery 0.5b