Multiple PHP remote file inclusion vulnerabilities in index.php in Linkliste 1.2 allow remote attackers to execute arbitrary PHP code via a URL in the (1) styl[top], (2) url_eintrag, or (3) styl[themen] parameter.
https://exchange.xforce.ibmcloud.com/vulnerabilities/36146
http://www.securityfocus.com/bid/26045
http://www.securityfocus.com/archive/1/482006/100/0/threaded
http://www.securityfocus.com/archive/1/477253/100/0/threaded