source: https://www.securityfocus.com/bid/24039/info
PsychoStats is prone to a path-disclosure issue when invalid data is submitted.
Exploiting this issue can allow an attacker to access sensitive data that may be used to launch further attacks against a vulnerable computer.
PsychoStats 3.0.6b and prior versions are vulnerable to this issue.
http://www.example.com/[path]/server.php?newcss=styles.css&newtheme=%00