Vulnerability Development mailing list archives

Serious Hole in Comment/Discussion CGI Script


From: Barry Russell <bjz11600 () PRODIGY NET>
Date: Thu, 26 Oct 2000 08:21:53 -0400

I found a sample Comment/Discussion Script that lets visitors visit a
person's site and leave a quick comment. The comments are shown through a
CGI Script, and the script opens the file that has the comments. I
looked at the script and saw that it allows you to read other txt
files (since it uses env query_string to know what file to open). The
code is below. I was wondering if there were any other bugs in this. I
tried opening other files with it but with no luck. Tried the null byte
trick also; any other things wrong with this?

#--Code--
#!/usr/bin/perl
print "Content-type: text/html\n\n";
($article,$count)=split(/\&/, $ENV{QUERY_STRING});

open(FILE, "commentdata/$article.txt");
@lines=<FILE>;
close FILE;
chomp @lines;
@lines=reverse @lines;

foreach $line (@lines) {
        ($comment,$name)=split(/\^/, $line);
        print "<font size=1 face=arial>- $comment<Br>";
        $num++;
        last if $num==$count;
}

So far I was only able to read other text files; any suggestions are
appreciated.
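
A hardened form of the script above, as an added example that is not part of the original post: it accepts only plain article ids so the query string cannot select files outside commentdata/, opens the file with an explicit read mode, and HTML-encodes comment text before printing it. The 64-character id limit, the $MAX_COUNT cap and the helper names are assumptions made for this example.

```perl
#!/usr/bin/perl
# Added example: hardened variant of the comment viewer (not from the post).
use strict;
use warnings;

my $DATA_DIR  = 'commentdata';   # same directory the posted script reads
my $MAX_COUNT = 100;             # assumed upper bound, not from the post

# Accept the article id only if it is a plain name: no '/', '.', or NUL byte.
sub safe_article {
    my ($raw) = @_;
    return (defined $raw && $raw =~ /\A([A-Za-z0-9_-]{1,64})\z/) ? $1 : undef;
}

# Clamp the requested count to 1..$MAX_COUNT; missing or non-numeric gets the cap.
sub safe_count {
    my ($raw) = @_;
    return $MAX_COUNT unless defined $raw && $raw =~ /\A([0-9]{1,4})\z/;
    my $n = $1;
    return $n < 1 ? 1 : $n > $MAX_COUNT ? $MAX_COUNT : $n;
}

# Encode stored comment text before it is written into the HTML page.
sub html_escape {
    my ($s) = @_;
    my %ent = ('&' => '&amp;', '<' => '&lt;', '>' => '&gt;', '"' => '&quot;', "'" => '&#39;');
    $s =~ s/([&<>"'])/$ent{$1}/g;
    return $s;
}

# Send a plain-text error response and stop.
sub bail { my ($status) = @_; print "Status: $status\nContent-type: text/plain\n\n$status\n"; exit }

my ($raw_article, $raw_count) = split /&/, $ENV{QUERY_STRING} // '';
my $article = safe_article($raw_article) // bail('400 Bad Request');
my $count   = safe_count($raw_count);

# Three-argument open: the validated path is only ever opened for reading.
open(my $fh, '<', "$DATA_DIR/$article.txt") or bail('404 Not Found');
chomp(my @lines = reverse <$fh>);   # newest comment first, as in the original
close $fh;

print "Content-type: text/html\n\n";
my $last = $#lines < $count - 1 ? $#lines : $count - 1;
for my $line (@lines[0 .. $last]) {
    my ($comment) = split /\^/, $line;   # fields are comment^name
    print '<font size=1 face=arial>- ', html_escape($comment // ''), "<br>\n";
}
```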


