source: http://www.securityfocus.com/bid/2389/info

Requesting a specailly crafted URL containg arbitrary code, can be exected on a Unix system running Bajie Webserver. Any arbitrary commands appended to a malicious URL after the ';' will be executed as an independent job. 

http://target/bin/test.txt;%20[shell command]