There is a full path disclosure in .jbf files (paint shop pro), which by itself is not a vulnerability, but it becomes interesting when uploaded or used on webservers. Use a tool like 'strings' to read the ascii parts, the path is on the top of the file.