This dynamic link loader does not check on the 'query' parameter that is parsed to the server, therefore by constructing a malformed URL we are able to view the contents of the server, all folders, and files.