Directory traversal vulnerability in unzip/extract feature in eXtplorer 2.1.9 allows remote attackers to execute arbitrary files via a .. (dot dot) in an archive file.
http://www.securityfocus.com/bid/98069
http://www.securityfocus.com/archive/1/538386/100/0/threaded