This script is possibly vulnerable to URL redirection attacks.
URL redirection is sometimes used as a part of phishing attacks that confuse visitors about which web site they are visiting.
A remote attacker can redirect users from your website to a specified URL. This problem may assist an attacker to conduct phishing attacks, trojan distribution, spammers.
Your script should properly sanitize user input.
URL Redirection Security Vulnerability
HTTP Response Splitting, Web Cache Poisoning Attacks, and Related Topics