Weak access control in OpenText PVCS Version Manager allows potential bypassing of authentication and uploading of files.