CVE-2013-3922
Directory traversal vulnerability in Gummy Bear Studios FTP Drive + HTTP Server 1.0.4 and earlier allows remote attackers to read arbitrary files via a ..%2f (encoded dot dot slash) in a GET request.
Date published : 2013-11-25
https://www.trustwave.com/spiderlabs/advisories/TWSL2013-032.txt