This indicates a vulnerability in Ajax File Browser. This vulnerability is caused by the failure to validate the "approot" parameter in the "_includes/settings.inc.php" script. The vulnerability allows remote attackers to include malicious PHP scripts and execute arbitrary commands.
Ajax File Browser version 3 beta 2007-08-28 and prior.
System compromise, remote script execution.
Currently we are not aware of any official fix for this issue.