DansGuardian contains a flaw that may allow an attacker to bypass the filter. The issue is due to the filter not properly handling URLs with "double dot" path notation (/../). With a specially crafted URL, the filter will not recognize it allowing it past any established rules.
Upgrade to version 2.7.7-2 beta or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.