The makers of CPAINT Ajax Toolkit have discovered code execution vulnerabilities in their software. All versions prior to version 1.3-SP are affected.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/39418/ajax.txt
Source: https://packetstormsecurity.com/files/39418/ajax.txt.html