Home Ftp Server 1.0.7 stores sensitive user information and server information in the same directory as the user's home directory, which allows remote authenticated users to obtain sensitive information by obtaining ftpmembers.lst and ftpsettings.lst.
https://exchange.xforce.ibmcloud.com/vulnerabilities/22002
http://www.securityfocus.com/bid/14653
http://www.autistici.org/fdonato/advisory/HomeFtpServer1.0.7-adv.txt