source: https://www.securityfocus.com/bid/16822/info

SPiD is prone to a local file-include vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input.

Successful exploitation of this issue may facilitate the unauthorized viewing of files and execution of local scripts.

http://www.example.com/spiddir/scan_lang_insert.php?lang=../../../../../../../../etc/passwd%00