Format string vulnerability in the SCP module in Ipswitch WS_FTP 2007 Professional might allow remote attackers to execute arbitrary commands via format string specifiers in the filename, related to the SHELL WS_FTP script command.
https://exchange.xforce.ibmcloud.com/vulnerabilities/31865
http://www.securityfocus.com/bid/22275
http://www.securityfocus.com/archive/1/458293/100/0/threaded