A poorly configured file opens users up to site takeover.
Source: threatpost.com