LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the site_name parameter to the admin/settings/update URI.
pokkho lango 1.0