MiniWebsvr is "a tiny/small HTTP web server that aims to one day be embeddable". A vulnerability in MiniWebSvr allows remote attackers to access files that reside outside the bounding HTML root directory.

http://www.securiteam.com/windowsntf...HP070UNPA.html