Directory traversal vulnerability in Virtools Web Player 3.0.0.100 and earlier allows remote attackers to overwrite arbitrary files via a .. (dot dot) in a filename.
https://exchange.xforce.ibmcloud.com/vulnerabilities/22471
http://securitytracker.com/id?1014993
http://securityreason.com/securityalert/40