Your provider gave you (at least) read privileges over the directory webXXX
If you're not supposed to go there that is a serious security problem.
Probably other provider's clients can see your directory.
Edit:
Just to be more accurate about what I mean with "you".
It's actually the "user" the web server is running as that has those access privileges.
The web server is also configured to allow executing shell commands with php (not all providers allow this).
The conseguence of the above two is that actually you can read (and probably) write in someone else's space.