PHP remote file inclusion vulnerability in index.php in EasyIns Stadtportal 4 allows remote attackers to execute arbitrary PHP code via the site parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/16797
http://www.securityfocus.com/bid/10795