I (and maybe some others before me) found a major security bug in Zeleotypisti FTP,
The bug allows makes FTP info visible to all that use the same webaddress to use Zelotypisti FTP,
This is caused by a little scripting bug in the PHP coding:
first I used session_id("ftp");
which I now changed to session_id(md5($_SERVER['REMOTE_ADDR']));
Tomorrow I will upload a package with the security update, the online demo is allready save.