Solution
The scope of both problems relate to the FreeWeb which is the web server component. There are no reported problems with FreeProxy. Details are as follows:
Directory traversal.
By including "../" in the URL, it was possible to open files above the root directory. The vulnerability was limited to reading as the web server is not able to post at this stage. This problem has been fixed.
CreateFile error
For some reason the tester used a "GET CreateFile" command. The word "CreateFile" had no significance as FreeWeb does not execute commands built into the URL. The same error would have occurred for any word placed after the get without a leading "/". The problem related to a bug in the parser which has now been fixed.
Rectified
All FreeProxy versions built after 9 Jan 2004