PHP remote file inclusion vulnerability in eintrag.php in Weltennetz News-Letterman 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the sqllog parameter.