It's possible to place downloaded file in any directory from server side.
vulners.com/securityvulns/securityvulns:doc:9913