CompleteFTP path traversal flaw allowed attackers to delete server files
A security researcher with the handle rgod discovered a flaw in the HttpFile class that results from the lack of proper validation of a user-supplied path prior to using it in file operations.