Crossite scripting, physical path leakage, special devices access, file corruption.
vulners.com/securityvulns/securityvulns:doc:3937
vulners.com/securityvulns/securityvulns:doc:4425