Directory traversal vulnerability in PowerPortal 2.0.13 allows remote attackers to list and possibly read arbitrary files via a .. (dot dot) in the path parameter to the default URI.
https://www.exploit-db.com/exploits/6604
https://exchange.xforce.ibmcloud.com/vulnerabilities/45491
http://www.securityfocus.com/bid/31454