When I ftp to my user account with [email protected] I was able to view and download all accounts log files (excluding ftp logs). Correct me if I'm wrong but isnt this very serious, I could generate a map of someone site and if any information is sent via GET such as passwords or credit card info I could grab this from the logs.