Summary
CompleteFTP is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
Exploiting this issue can allow an attacker to download arbitrary files outside of the FTP server root directory. This may aid in further attacks.
CompleteFTP 3.3.0 is vulnerable
other versions may also be affected.
References
Updated on 2015-03-25