Cuppa CMS v1.0 exists to contain a local file inclusion (LFI) vulnerability via the component /templates/default/html/windows/right.php.
cuppacms cuppacms 1.0