Cuppa CMS v1.0 is vulnerable to local file inclusion via the component /templates/default/html/windows/right.php.
View the template here CVE-2022-34121.yaml
References:
https://github.com/hansmach1ne/MyExploits/tree/main/LFI_in_CuppaCMS_templates