AmTote International homebet program stores the homebet.log file in the homebet/ virtual directory, which allows remote attackers to steal account and PIN numbers.
https://exchange.xforce.ibmcloud.com/vulnerabilities/7186
http://archives.neohapsis.com/archives/bugtraq/2001-09/0235.html