Betsy version 4.0 suffers from a local file inclusion vulnerability.
3ee7d8ecac43de6de62998ffbcd7d6e8fede151a38268e89cdbd70b8a8a04e49
/*
Name : Betsy v4.0
Vuln : Local File Include
WebSite : http://www.betsy.fr/
Author : Hamza 'MizoZ' N.
Email : mizozx@gmail.com
*/
Input passed to the "page" parameter in ress.php is not properly verified
before being used to include files. This can be exploited to include
arbitrary files from local resources.
EXPLOIT :
http://server/[Betsy PATH]/ress.php?page=[LFI]