ZNC File Upload Directory Traversal Vulnerability

Summary
ZNC is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an authenticated attacker to upload and overwrite files on the affected computer. Successful exploits will lead to other attacks. Versions prior to ZNC 0.072 are vulnerable,
Solution
Updates are available. Please see the references for more information.
References